Get Started
Get Started
Get Started
Get Started
Get Started

Step 2: RTBF Mapping Creation

Picture of master

master

Updated on October 25, 2024

RTBF Mapping Creation

Prerequisites:

Users should have the “CC full access” permission set assigned.

De-identification Basics

  • RTBF/ De-identification allows the user to de-identify any number of records attached to the objects in the hierarchy mapped.

  • Up to Nth levels of the hierarchy of objects can be mapped.

  • To create the mapping for RTBF/De-identification, navigate to the Implement tab. Click on the Add button on the RTBF/De-identification tile.
  • Fill in the details in the popup form. Click Save.
  • Record created.
  • Click on the dropdown arrow; the user will see four options

    • Add Related Object
    • Reconfigure
    • Field Mappings
    • Delete
  • All the child objects of the selected object (We have taken Account Object as a parent object here) will be shown in the list as shown below.

Relationship field:

  • When we create a mapping for the child, we have to provide the relationship field so that the application can understand the path it has to take.

  • After selecting the child object, the relationship field between the parent and child object will be populated automatically.
 

If there are multiple relationship fields, the user can select from the drop-down list of ‘Relationship Fields.’

Where Clause – Filter records by entering a WHERE clause, and the filter field should be like FirstName = ‘Mariko’; hence, RTBF will be performed only on those records where FirstName = ‘Mariko’ as shown in the screenshot below.

When the where clause pencil icon is clicked, a pop-up will show where the user can add the fields, operators, and values. Once saved, the where clause will be created and pasted into the where clause text box.

Users can add more filter clauses using the plus icon, and conditions can be chosen from the drop-down field.

Settings:

Delete: Data Deletion allows users to delete any number of records attached to the objects in the hierarchy mapped.

Hard Delete: Data Deletion allows users to permanently delete any number of records attached to the objects in the hierarchy mapped.

  • Delete Attachments: It allows users to delete the attachments related to the de-identified record.

  • Delete chatter feeds: This allows users to delete chatter feeds related to the de-identified record.

  • Delete Events: It allows users to delete the events related to the de-identified record.

  • Delete Notes: It allows users to delete the notes related to the de-identified record.

  • Delete Tasks: It allows users to delete the tasks related to the de-identified record.

  • Delete Emails: This allows users to delete the email activities related to the de-identified record.

  • Delete Files: It allows users to delete or de-link the files that are related to the de-identified record.

    Note: If the file is shared exclusively, then that file will get deleted permanently from the de-identified record, and if the same file is shared with two or more different records, then the file will get delinked from a de-identified record and remain as it is with the second record.

  • Click on the Save button.
 

Advanced Settings:

When the user clicks on the Advanced Setting, It will expand and show Processing Order and Classification Setting

  • Processing Order: This functionality simplifies the processing of parent and related objects by allowing you to decide your own sequence within RTBF / Retention Mapping.

    You can leave this field ‘Blank’ to process the execution of other related objects after the sequence. This field enables the user to insert a sequence of integers ranging from 0-99.
  • For Example, If the Account is a parent and the Case is a child of the Account, the processing order for the case is 1, and the processing order for the account is 2.

  • As per the processing order, the Case will be processed first for the Obfuscation/Deletion, and after that, the Account will processed
 

Classification Settings:

  • Data Classification enables users to classify the data per the Data Sensitivity Level. Users can decide which data is to be De-identified and which is not.

  • To process the records as per Data Classification, the user needs to add the Data Sensitivity Level to the fields of an object.

  • This functionality has been introduced in the CC 2.29 version and onward.

  • Users can see the Data Classification section on the De-identification mapping page, as shown in the screenshot below.

  • Note – To enable Data Classification functionality, follow the below path:

    • Setup -> Installed Package -> Configure -> De-identification -> Data Classification -> Enable Data Classification
  • Reconfigure: After clicking on Reconfigure, the user will see two sections of settings shown below
  • Delete Settings: In this section, the user can select Delete activities like Tasks, Notes, Attachments, etc., as mentioned above.
    Users can also select the ‘Delete’ checkbox, which will Delete whole records of the objects
  • After clicking on the save button, the user will see the Action ‘Delete’ for the object

Classification Settings: The user can De-identify the Object records as per the Data Classification and Data Sensitivity Level.

  • Data Sensitivity Level: Users can add the filter based on the Data Sensitivity Level so that CC will check the Data sensitivity level of the field for the record that the user wants to do RTBF on.
  • Compliance Category:
    The compliance acts, definitions, or regulations that are related to the field’s data.
    • Default values:
      • CCPA—California Consumer Privacy Act
      • COPPA—Children’s Online Privacy Protection Act
      • GDPR—General Data Protection Regulation
      • HIPAA—Health Insurance Portability and Accountability Act
      • PCI—Payment Card Industry
      • PersonalInfo—Personal information.

    • For use with the Enhanced Personal Information Management feature. Only available if Enhanced Personal Information Management and Digital Experiences are enabled.

    • PII—Personally Identifiable Information

    • The field corresponds to the ComplianceGroup field on the FieldDefinition Tooling API.

    • Data Classification works with AND and OR conditions to achieve Data Classification
 

The records that satisfy the Classification criteria those only records will be picked and processed.

  • Field Mappings – Here user can add field mapping for an object. After Clicking on Field Mappings user will see all the updatable fields for the De-identification process.
 
  • Click on the Field Mappings. Popup appears.

  • Search:  The search box, located at the top, operates in real time. It scans the field label, api_name, and type for any occurrence of the entered keyword.

    The search process is not case-sensitive and operates in “like” mode (%keyword%), meaning it will find matches of the keyword anywhere within the data.
  • Select the field for RTBF by checking the checkbox.
  • Select action. There are two actions.
    • Erase – This action will Erase the field after RTBF is processed.
  • Obfuscate – This action will replace text with another value.
    • Replace with the field will be available once the user selects Obfuscate in action.
    • There are 3 different ways in which the user can replace the original text.
      • Auto-Generated
      • Formula Field
      • Hardcoded Value


Auto-Generated: In this obfuscate action, the field value will be replaced by randomly generated scramble data. To achieve this obfuscation, keep the ‘Replace With’ field value as it is i.e To ‘Auto-Generated’.

  • Formula Field – Another special feature of Obfuscation is replacing the field value with the formula field value.-
  • Hardcoded Value -Obfuscation also supports replacing field values with hard-coded values. To achieve obfuscation using hardcoded value, write the hardcoded value in the section ‘Replace With.’ E.g., Removed.
  • Data Sensitivity Level:
    Users can add the filter based on the Data Sensitivity Level so that CC will check the Data sensitivity level of the field for the record that the user wants to do RTBF on.

  • Compliance Category
    The compliance acts, definitions, or regulations that are related to the field’s data.

    • Default values: CCPA, COPPA, GDPR, HIPAA, PCI, PII
      • Comments: In the Comments section, users can add any additional information if required.

      • Add to Data Vault: If a user wants to store the proof of de-identification, then the user needs to select the ‘Add to Data Vault’ option.

  • Save the mapping.
 
  • Quick save: The Quick Save button allows a user to save the mapping and stay on the field mapping window, while the Save button saves and closes the window.
  • Delete: After Clicking on the Delete button, the user can delete the selected object from the mapping.
  • Users cannot delete the master object at Level 1 as it’s a mandatory object added when a user creates a Configuration.

Nth level RTBF/De-identification

  • Nth level de-identification allows the user to de-identify/deletes any number of records attached to the objects in the hierarchy mapped.

  • Up to Nth levels of the hierarchy of objects can be mapped.
    • Let’s add the Contact as a Level 2, Case and User objects as Level 3 objects, and CaseComment as a Level 4 object.

    • Likewise, users can add as many objects to the Nth Level and add as many objects to each level.
 
  • Once object mapping is ready, users can add fields to respective objects by clicking on the ‘Field Mappings’ link for each object to perform Nth Level de-identification.

  • The number of fields selected in field mapping will be shown against the number of fields available in the object under the fields column.

  • Click on the Validate button to activate the mapping
  • The Status will be turned Not Validate to Validated.
  • Once the mapping is completed, the user can create a PrivSec Request and can process RTBF/De-identification on records.