“Forgettable” Principle

Added a “Forgettable” principle on the back of the GDPR “Right to be forgotten” and some exploration of the need for backups in Office 365 – which lead to retention policies and version and recycling bins etc.

This principle will need to be realized by Requirements in Policies that any personal data can be deleted on request.

In practice this may be easy (as in no personal data stored), to hard.  General File Stores (File Shares, OneDrive, SharePoint) likely being the worse to deal with – locating the documents, actually deleting them, remembering various recycling bins – both user and system, and battling against any other retention policies.  Then for most of systems there’s the problem of re-applying the delete should a full system restore be required.  Backups may still contain “forgotten” personal data…

This entry was posted in Enterprise Architecture and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.