The application uses a custom object called PrivSec Request which allows users to drive the data De-identification process. We can create a PrivSec request manually by providing certain field values and then it will generate the records and process it.
1. Users should have the “CC full access” permission set assigned.
2. At least one mapping should be active for RTBF/De-Identification.
3. Lightning record page should be assigned to the user’s profile.
Lightning Record Page Assignment –
Cloud Compliance provides different Lightning Record Pages. To use the RTBF/De-identification, the user can assign a Lightning Record Page for RTBF/De-identification and assign it to the appropriate user’s profile.
To assign the Lightning Record Pages user can follow the below steps
- Go to Object Manager and search for PrivSec Request Object, click on the ‘PrivSec Request’.
Click on the ‘Lightning Record Pages’ as shown below
- Now the user will see different Record Pages that the user can assign. In this case, the user can click on ‘PrivSec Request Record Page – RTBF’
Click on the View button
- After clicking on the New button user will be redirected to the Lightning App Builder page.
Click on the Activation button
- Here user can click on the ‘APP, RECORD TYPE, AND PROFILE’ tab to select the application, record type, and profile for the selected Record Page
Click on the ‘Assign to Apps, Record Types, and Profiles’ button as shown below.
- Now User will see different applications so that the user can select the appropriate Application to which the user wants to assign the Lightning Record Page.
Here user needs to select the checkbox at the ‘Cloud Compliance’ application and click on the ‘Next’ button
Click on the ‘Next’ button
- Now there will be several Record Types that user will see so that the user can select the appropriate Record Type.
Here User needs to select the ‘RTBF’ as shown below and click on the ‘Next’ button
- User can select the multiple profiles as per their business requirement, here we consider the System Administrator profile and then click on the ‘Next’ button
- User can review assignments to check all the details and then click on ‘Save’
User can click on the back arrow to get back to the Object Manager.
Now Lightning Record Page has been assigned for the RTBF/De-identification.
1. To create a PrivSec Request record user needs to add the tab or click on the App Launcher and search for PrivSec Request.
Click on PrivSec Request
2. Click on the New button to create a new PrivSec Request record. One popup will appear which will include Record Types of PrivSec Request.
3. Select RTBF in the case of De-identification and click on the Next button.
The user will be redirected to the page where the user can provide the necessary details to create the PrivSec Request.
To create PrivSec Request record user needs to provide a Subject Id which is nothing but Record Id.
User can get Record Id By following steps –
- Open record of an Object that user wants to De-identify, here we have taken record of Contact Object.
- Copy the ID from the address bar and this is the Record Id that the user can provide in Subject Id field.
As shown in the above screenshot user needs to provide the Subject Id and Mapping, here the Subject Id is the record Id that the record user wants to De-identify and Mapping is a De-identification mapping name that has been created for De-identification.
Note: The De-identification mapping will show only “Active” De-identification mappings.
4. Users will see a certain date field in the PrivSec Request record as shown in the below screenshot.
Requested Date- The date on which PrivSec Request is created.
Planned Processing Date – The date on which the records are eligible to be processed. If the date is equal to or lesser than “TODAY”, the records will be processed immediately.
Note: Planned Processing Date should always be lesser than Planned Deletion Date and Planned Associated Records Purge Date.
Planned Deletion Date-
The date on which the Data Subject Record Ids are eligible to be deleted. If the date is blank no records will be deleted. If the date is equal to or lesser than ‘TODAY’, the records will be deleted immediately.
Note: Planned Deletion Date cannot be lesser than Planned Processing Date and greater than Planned Associated Records Purge Date.
Planned Associated Records Purge Date-Date on which this request and all the related records are eligible to be purged. If the date is blank no records will be purged. If the date is equal to or less than ‘TODAY’, the records will be purged only when the purge batch is executed.
Note- Planned Associated Records Purge Date cannot be lesser than Planned Processing Date and Planned Deletion Date.
Batch Size- This defines the number of records that should be processed in a single batch.
Fill in the details as per the requirement and click on the Save button.
5. Now the user will be redirected to the PrivSec Request detail page in which the user will be able to see all the other details like Status, Sub-Status, Associated Records, etc.
On the detail page, the user will find a few more sections as follows –
Mapping Snapshot Details- Mapping Snapshot is a detailed view of values that have been provided in PrivSec Request. This contains the details like Record Id, Mapping Name, Object Name, etc. Users will see the Mapping Snapshot Details after clicking on the ‘Generate Records’ button.
Associated Records – This section contains the Data Subject Record Id of parent as well as associated records along with the details like Status, Action, Object Name, etc.
Associated Record Counts –
Total Count – Total number of records generated into the Associated Records
In-Progress Count – Records which goes under In-Progress after clicking on Generate Records button
Processed Count – Records which is successfully processed
Error Count – Records which is errored due to some reasons
6. Now enter the Subject ID (Record Id) and select Mapping that the user wants to use for the De-identification process.
Click on the ‘Generate Records’ button
Click on the Finish button
7. Once the user clicks on the ‘Generate Records’ button, records get generated in the Associated Records section, Status will be ‘In Progress’, and Sub-Status will be ‘Records Generated’.
Also, Users will see the respective object name gets auto-populated once we click on the ‘Generate Records ’ button and the Mapping Snapshot Details gets printed.
8. Now the ‘Process Records’ button will appear once the records get generated.
Click on the ‘Process Records’ button once the user confirms the details populated in all the sections after generated records.
Click on the Finish button
9. After clicking on the ‘Process Records’ button, records get De-identified and Status will be changed to ‘Processed’ from ‘In-Progress’.
If the user has provided a future date for ‘Planned Deletion Date’ OR ‘Planned Associated Records Purged Date’ then Status will be ‘Processed’ and Sub-Status will remain ‘In-Progress’.
Once the records get Deleted and Associated records get purged then the Sub-status will also become ‘Processed’.
Based on the De-identification process, the fields get updated in the Associated Records section as shown below,
Once the Associated Records get deleted, the ‘Deleted’ checkbox will be checked.
10. Now users can check the requested record and its associated records will have been De-identified.
Status Transition – Cloud Compliance
|Level||Status||Sub Status||Error message|
|CC||Open||NULL||If PrivSec Id Is Null|
|In Progress||New||If PrivSec Status=New|
|Validated||If PrivSec =Validated|
|Records Generated||if PrivSec Status=Record Generated|
|Error||Too Many Records Found||When one or more records found of the same name-value pair|
|Incorrect Mapping||Mapping does not exist or inactive||Incorrect mapping name, Mapping is inactive|
|Missing Parameters||Mandatory parameter XXXX is missing|
|Exception||send Catch exception stack trace as message|
|Record Not Found||If based on the name-value pair, no record is found||Not found any record of the given name-value pair|
|Processed||Processed||PrivSec Status as Processed|
|Record Not Found||Not found any record of the given name-value pair|