Data obfuscation in PolicyCenter

In general, personal data destruction in PolicyCenter is done through removal of database records. However, the entities associated with an employee who works in your installation of PolicyCenter are not conducive to removal because of the way data creation and changes are recorded. In particular, objects in the database are connected to the user that created them, and, in many cases, the user that last modified them.

Because an employee is likely to create or modify hundreds of thousands of objects, it would be computationally expensive to locate all those objects in the database. It would also be expensive to change those references to something else. It is not necessary to destroy the relationship between all the work that the employee performed and the fact that it was performed by a specific employee. If the employee's personally identifiable data is destroyed, the set of objects associated with the employee can remain and not violate the need to destroy personal data.

Therefore, in the base configuration, PolicyCenter obfuscates data related to UserContact objects.

Obfuscated objects

Each object can indicate whether it has been obfuscated in its Obfuscated flag. The system has no special handling for objects that have gone through obfuscation. Obfuscated objects act like any other active object in the system regarding search results, batch processes, and so on. You can implement additional functionality to filter obfuscated beans, according to PolicyCenter configuration capabilities. In your obfuscation implementation, you must take into account how your custom obfuscation might affect existing processes in PolicyCenter.

Preupdate rules

Data obfuscation works the same as a normal entity editing, so changes made during obfuscation will trigger preupdate rules for entity types that have rules registered.