Data governance allows you to classify sensitive data and anonymize it on request. This is particularly useful to ensure compliance with data protection regulations, such as the GDPR art. 17 Right to erasure (Right to be forgotten).
When anonymizing data, the relevant record attributes are permanently deleted and replaced with generic information, such as Sensitive data deleted.
The data anonymization process consists of multiple steps, involving both back-end and front-end operations, as described below:
- Sensitive Data Classification - In this stage, digital developers or consultants who are familiar with the data model define the Sensitive Context And Sensitive Data and the Sensitive Data that is subject to anonymization in FintechOS Studio.
- Issuing Anonymization Requests - Once the sensitive data has been classified, operators can use FintechOS Portal to make Data Anonymization Requests. The operators search for the relevant data to be anonymized based on generic criteria, such as the sensitive context and the type of sensitive data (name, telephone number, identification code, etc.), not based on specific entities and attributes from the data model. Then, they identify, validate, and approve the data to be anonymized.
- Data Anonymization - After the anonymization requests are approved, Data Anonymization Jobs And Requests can process the requests and anonymize the actual data. For this purpose, you must configure the job server to run an anonymization service for the corresponding sensitive context.
This section covers the following topics: