The application uses a custom object called PrivSec Request which allows users to drive the data De-identification process. We can create a PrivSec request manually by providing certain field values and then it will generate the records and process it.
1. Users should have the “CC full access” permission set assigned.
2. At least one mapping should be active for RTBF/De-Identification.
3. Lightning record page should be assigned to the user’s profile.
From the Manage tab, a user can directly create the PrivSec Request for processing the RTBF request
Users can go to Cloud Compliance Application and can click on the Manage tab. DSAR – Right To Be Forgotten will be available. Users can click on the Add button to create a new PrivSec Request record for RTBF. The user will be redirected to the page where the user can provide the necessary details to create the PrivSec Request which inclueds Subject Id which is nothing but Record Id of the target parent object.
User can get Record Id By following steps –
- Open record of an Object that user wants to De-identify, here we have taken record of Contact Object.
- Copy the ID from the address bar and this is the Record Id that the user can provide in Subject Id field.
Now enter the Subject ID (Record Id pf the Parent object ) and select Mapping that the user wants to use for the De-identification process.
As shown in the above screenshot user needs to provide the Subject Id and Mapping, here the Subject Id is the record Id that the record user wants to De-identify and Mapping is a De-identification mapping name that has been created for De-identification.
Note: The De-identification mapping will show only “Active” De-identification mappings.
4. Users will see a certain date field in the PrivSec Request record as shown in the below screenshot.
Requested Date- The date on which PrivSec Request is created.
Planned Processing Date – The date on which the records are eligible to be processed. If the date is equal to or lesser than “TODAY”, the records will be processed immediately.
Note: Planned Processing Date should always be lesser than Planned Deletion Date and Planned Associated Records Purge Date.
Planned Deletion Date-
The date on which the Data Subject Record Ids are eligible to be deleted. If the date is blank no records will be deleted. If the date is equal to or lesser than ‘TODAY’, the records will be deleted immediately.
Note: Planned Deletion Date cannot be lesser than Planned Processing Date and greater than Planned Associated Records Purge Date.
Planned Associated Records Purge Date-Date on which this request and all the related records are eligible to be purged. If the date is blank no records will be purged. If the date is equal to or less than ‘TODAY’, the records will be purged only when the purge batch is executed.
Note- Planned Associated Records Purge Date cannot be lesser than Planned Processing Date and Planned Deletion Date.
Batch Size- This defines the number of records that should be processed in a single batch.
Fill in the details as per the requirement and click on the Save button.
5. Now the user will be redirected to the PrivSec Request detail page in which the user will be able to see all the other details like Status, Sub-Status, Associated Records, etc.
On the detail page, the user will find a few more sections as follows –
Mapping Snapshot Details- Mapping Snapshot is a detailed view of values that have been provided in PrivSec Request. This contains the details like Record Id, Mapping Name, Object Name, etc. Users will see the Mapping Snapshot Details after clicking on the ‘Generate Records’ button.
Associated Records – This section contains the Data Subject Record Id of parent as well as associated records along with the details like Status, Action, Object Name, etc.
Associated Record Counts –
Total Count – Total number of records generated into the Associated Records
In-Progress Count – Records which goes under In-Progress after clicking on Generate Records button
Processed Count – Records which is successfully processed
Error Count – Records which is errored due to some reasons
6. Now enter the Subject ID (Record Id) and select Mapping that the user wants to use for the De-identification process.
Click on the ‘Generate Records’ button.
7. Once the user clicks on the ‘Generate Records’ button, records get generated in the Associated Records section, Status will be ‘In Progress’, and Sub-Status will be ‘Records Generated’.
Also, Users will see the respective object name gets auto-populated once we click on the ‘Generate Records ’ button and the Mapping Snapshot Details gets printed.
8. Now the ‘Process Records’ button will appear once the records get generated.
Click on the ‘Process Records’ button once the user confirms the details populated in all the sections after generated records.
Click on the Finish button
9. After clicking on the ‘Process Records’ button, records get De-identified and Status will be changed to ‘Processed’ from ‘In-Progress’.
If the user has provided a future date for ‘Planned Deletion Date’ OR ‘Planned Associated Records Purged Date’ then Status will be ‘Processed’ and Sub-Status will remain ‘In-Progress’.
Once the records get Deleted and Associated records get purged then the Sub-status will also become ‘Processed’.
Based on the De-identification process, the fields get updated in the Associated Records section as shown below,
Once the Associated Records get deleted, the ‘Deleted’ checkbox will be checked.
10. Now users can check the requested record and its associated records will have been De-identified.
Status Transition – Cloud Compliance
|Level||Status||Sub Status||Error message|
|CC||Open||NULL||If PrivSec Id Is Null|
|In Progress||New||If PrivSec Status=New|
|Validated||If PrivSec =Validated|
|Records Generated||if PrivSec Status=Record Generated|
|Error||Too Many Records Found||When one or more records found of the same name-value pair|
|Incorrect Mapping||Mapping does not exist or inactive||Incorrect mapping name, Mapping is inactive|
|Missing Parameters||Mandatory parameter XXXX is missing|
|Exception||send Catch exception stack trace as message|
|Record Not Found||If based on the name-value pair, no record is found||Not found any record of the given name-value pair|
|Processed||Processed||PrivSec Status as Processed|
|Record Not Found||Not found any record of the given name-value pair|