Data deletion orchestration based on the right to be forgotten
The General Data Protection Regulation (EU) 2016/679 (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). The GDPR is an important component of EU privacy law and of human rights law, in particular Article 8(1) of the Charter of Fundamental Rights of the European Union. The GDPR's primary aim is to enhance individuals' control and rights over their personal data and to simplify the regulatory environment for international business. Superseding the Data Protection Directive 95/46/EC, the regulation contains provisions and requirements related to the processing of personal data of individuals who are located in the EEA, and applies to any enterprise — regardless of its location and the data subjects' citizenship or residence — that is processing the personal information of individuals inside the EEA.
In the version of the GDPR that was adopted by the European Parliament in March 2014, the right to be forgotten was replaced by a more limited right of erasure. Article 17 provides that the data subject has the right to request erasure of personal data related to them on any one of a number of grounds within 30 days. These grounds include noncompliance with Article 6(1) (lawfulness), which covers the case where the legitimate interests of the controller are overridden by the interests or fundamental rights and freedoms of the data subject that require protection of personal data.
Your company uses multiple software applications to store and manage diverse data, and the data in these applications is interrelated. Under the GDPR and Article 17 as described above, it must be possible to delete personal data completely. To ensure that your company passes an audit based on Article 17 of the GDPR, the following main points need to be clarified:
Knowing these main points is crucial for deleting personal data in your company, because the sequence of deletions within dependent business object types is based on them. The following figure illustrates the situation.
If the number of business object types to be deleted is too large to manage manually, the company will need to automate deletion. This applies especially if the dependencies between the business object types are complex and different applications have to be considered. Automation avoids manual deletion errors and creates deletion evidence for audit purposes.
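The following Python example is added here for illustration and is not part of the original text or of any product it describes. It derives a deletion sequence from the dependencies between business object types and records tamper-evident deletion evidence. The application names, object types, the delete_fn callback and the hash-chained evidence format are all assumptions.

```python
import hashlib
import json
from graphlib import CycleError, TopologicalSorter  # Python 3.9+

# Constructed sample: each (application, business object type) maps to the
# types that reference it and therefore must be deleted before it.
DEPENDENTS = {
    ("CRM", "Customer"): {("ERP", "SalesOrder"), ("Support", "Ticket")},
    ("ERP", "SalesOrder"): {("ERP", "Invoice")},
    ("ERP", "Invoice"): set(),
    ("Support", "Ticket"): set(),
}
GENESIS = "0" * 64  # starting value of the evidence hash chain


def deletion_sequence(dependents):
    """Order types so every dependent precedes the type it references."""
    try:
        return list(TopologicalSorter(dependents).static_order())
    except CycleError as exc:
        raise ValueError(f"circular dependency, no safe order: {exc.args[1]}") from exc


def _digest(record):
    return hashlib.sha256(json.dumps(record, sort_keys=True).encode()).hexdigest()


def orchestrate(request_id, dependents, delete_fn):
    """Delete in dependency order and return hash-chained evidence records."""
    evidence, prev = [], GENESIS
    for app, obj_type in deletion_sequence(dependents):
        ok = delete_fn(app, obj_type)  # hypothetical per-application delete call
        record = {"request": request_id, "application": app, "object_type": obj_type,
                  "status": "deleted" if ok else "failed", "prev": prev}
        prev = record["hash"] = _digest(record)
        evidence.append(record)
        if not ok:
            break  # never delete a referenced object while a dependent remains
    return evidence


def verify(evidence):
    """Recompute the chain; an edited or reordered record breaks it."""
    prev = GENESIS
    for rec in evidence:
        body = {k: v for k, v in rec.items() if k != "hash"}
        if body["prev"] != prev or _digest(body) != rec["hash"]:
            return False
        prev = rec["hash"]
    return True
```

The evidence records carry only a request identifier and object type names, so the audit trail itself holds no personal data that would need erasing.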
The deletion automation system that is then required orchestrates the enterprise applications for deletion and consists of the following main processes. The technical setup and business configuration, such as the named business object types and orchestration sequences, have already been done.