Several posts of late have had to do with data privacy, protecting information, etc., but from the standpoint of what this means for our systems and our work with data, I think the implications are critical planning points for systems going forward.
For me at least, when I’ve traditionally built systems, once the data is acquired, it’s kept. We might move it to a warehouse for queries or to archives for offline data storage or whatever. But we kept it. We’d collected it, we kept it. In fact, in the US at least, there are tax implications if you’re ever audited – you need to have backup information available for 7 years or so. That means keeping information around.
But… if you look at some of the data protection things going on (I’m looking at you, GDPR), this means that we have some innovative things to be doing with our information.
The GDPR (for example) dictates that a customer can have their information removed from your systems on request. On the surface, this seems reasonable and like no big deal. However, think about that. You have customer records and presumably orders associated with them. If you go removing the customer records, you certainly don’t want to be removing the order information. We’ll need to have mechanisms for maintaining information on file, while still honoring the requirement to remove their information. And it’s exactly that; you have to remove the information. It’s not like you can just add them to the do-not-call/email list. You have to remove their information.
How do you support them in the future? How do you provide warranty support (if applicable) or returns or…?
It’s a complex issue that needs to be a key planning and understanding point in our systems. If it isn’t solved for, you can potentially be in for a real surprise, especially depending on your company, where you are in the world and who your customers are.
And I think this is just a small example of issues with data retention. For years we’ve been saying “look how cheap storage has become! Save it all!” and that may not be the right thing going forward. It may well be that we need to start thinking about summarizing information, saving sterilized information or other options that will keep information available, but not identifiable.
SQL Server provides some great support for masking and such – it’s important to understand these for your planning for systems. This will be impacted by your own system requirements, of course. Things like ongoing charging mechanisms, repeat customers, customer convenience tools (like recalling a customer account) and so on will need to be “scrubbed-information-aware” – and provide prompts to re-gather information where possible during a transaction.
Oh, and don’t forget to record the date and time of consent with that account, and what the terms were at the time consent was provided. Many of these are fundamental components – and there are some great tools in SQL Server to support options. It’s the knowing that you need those options that will really make life better going forward.
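As an added example (not from the original post), here is one way to lay this out in SQL Server so a removal request can be honored without losing the order history: identifying fields in their own table, orders keyed to it, a consent log that records when consent was given and under which terms, and Dynamic Data Masking on the identifying columns. Table, column and procedure names are my own.

```sql
-- Customer identity lives apart from orders so it can be scrubbed on its own.
-- MASKED WITH hides values from readers without the UNMASK permission; it is
-- a display control, not erasure, so the erasure procedure below still nulls the columns.
CREATE TABLE dbo.Customer (
    CustomerId INT IDENTITY PRIMARY KEY,
    Email      NVARCHAR(256) MASKED WITH (FUNCTION = 'email()') NULL,
    FullName   NVARCHAR(200) MASKED WITH (FUNCTION = 'default()') NULL,
    Phone      VARCHAR(32)   MASKED WITH (FUNCTION = 'partial(0,"XXX-XXX-",4)') NULL,
    ErasedAt   DATETIME2 NULL   -- set when a removal request was honored
);

-- Consent is a dated fact about the account: when it was given and which terms applied.
CREATE TABLE dbo.Consent (
    ConsentId    INT IDENTITY PRIMARY KEY,
    CustomerId   INT NOT NULL REFERENCES dbo.Customer(CustomerId),
    GivenAt      DATETIME2 NOT NULL DEFAULT SYSUTCDATETIME(),
    TermsVersion VARCHAR(32) NOT NULL,   -- version of the terms in force at the time
    TermsHash    BINARY(32)  NOT NULL    -- hash of the exact terms text that was shown
);

-- Orders reference the customer row, never the customer's identifying fields.
CREATE TABLE dbo.[Order] (
    OrderId     INT IDENTITY PRIMARY KEY,
    CustomerId  INT NOT NULL REFERENCES dbo.Customer(CustomerId),
    OrderedAt   DATETIME2 NOT NULL,
    TotalAmount DECIMAL(12, 2) NOT NULL
);
GO

-- Honor a removal request: strip the identifying fields but keep the customer
-- row (so order foreign keys still resolve), the orders (tax/audit retention)
-- and the consent log (it holds no contact data once the identity is gone).
CREATE PROCEDURE dbo.EraseCustomer @CustomerId INT
AS
BEGIN
    SET NOCOUNT ON;
    UPDATE dbo.Customer
       SET Email = NULL,
           FullName = NULL,
           Phone = NULL,
           ErasedAt = SYSUTCDATETIME()
     WHERE CustomerId = @CustomerId
       AND ErasedAt IS NULL;   -- idempotent: a second request changes nothing
END;
GO
```

Anything that must survive the scrub (say, a warranty lookup by order number) has to key off OrderId, not the email or name, because those columns come back NULL once EraseCustomer has run.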