Innovating Securely with Generative AI

Generative AI Securely Data Loss Prevention DLP


Large UK energy provider

Tech stack

Google Cloud


Generative AI


AI + Machine Learning

Our client is a UK-based major energy supplier that services millions of retail customers. The business wanted to confidently unlock new Generative AI use cases, such as call transcript analysis and testing, whilst minimising security risks. To protect the Personally Identifiable Information (PII) of their customers, they used Google Cloud’s Data Loss Prevention (DLP) service to efficiently conduct anonymisation, encryption, and decryption of data + prepare them for innovation. 

Our impact

  • Unlocked several new Generative AI use cases to improve customer experience with increased security, encryption + anonymisation of Personally Identifiable Information (PII)
  • Increased scalability of managing large volumes of sensitive data (2 PB<) with Cloud DLP templates to promote reusability and consistency 
  • Upskilled Data Engineering + Data Science Leads and business stakeholders about the capabilities of DLP and how to implement it for key use cases to ensure future adoption


The challenge

Generative AI is enabling innovative new use cases across various industries, such as content generation, internal analytics assistants, and new online experiences with highly interactive chatbots. 

For industries with sensitive data, it’s crucial that this data remains secure and does not become training data for Large Language Models, or is shared accidentally by a chatbot. One tool for this is Google Cloud’s Data Loss Prevention (DLP) service.

Our client wanted to encrypt sensitive PII data using Google Cloud’s DLP for several key data sources related to customer service. The goal was to unblock the business in its quest to leverage Generative AI and LLMs to further improve its interactions with customers, and the overall customer experience.

“Businesses can quickly unlock opportunities with Generative AI by providing their own data while adhering to strict compliance requirements and data privacy considerations for their customers. To support their use cases, our client asked Datatonic to design and implement a scalable way for two-way encryption of sensitive data using Cloud DLP that could also be adapted to future use cases.” – Kristoffer Vinell, Senior Data Engineer


Our solution

Datatonic worked closely with the business and technical team to implement Google Cloud’s Data Loss Prevention service, unlocking a range of innovative Generative AI use cases. The project involved: 

  • Implementing Cloud DLP inspection jobs for identifying sensitive data, including names, bank account details, phone numbers, and email addresses, as well as industry-specific data such as MPAN (Meter Point Administration Number)
  • Setting up Cloud DLP de-identification and re-identification of discovered sensitive data using deterministic encryption
  • Creating Cloud DLP templates to ensure the reusability of the solution across a multitude of future use cases
  • Configuring workflow scheduling to automatically de-identify historic and daily batches of raw emails from a dedicated Google Cloud Storage bucket


“We deliberately focused on creating reusable templates governed by DevOps best practices such as CI/CD and infrastructure-as-code to ensure that our client would be capable of adapting quickly to changing requirements and scaling to additional use cases to maximise business value over time.” – Kristoffer Vinell, Senior Data Engineer

With this in place, the business can get started on implementing highly impactful Generative AI use cases, focused on optimising internal operations and enhancing customer experience, even as the business continues to scale rapidly.