Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Which parts are so difficult? Trying to find all the data about a user in the system?

I have some sympathy for an giant mash of databases like that.

I have no sympathy if someone claims that adding a tracking toggle to a single web site is too hard.



Normally it's hard enough to ensure that you have retained an authoritative copy of data, but now it's even harder to ensure that you have destroyed every incidental copy throughout the org on short notice. Then there's the bureaucratic "prior consultation" that will delay launches by months


Two major issues that I can remember offhand:

1. Deletion/rectification of all copies (that includes backups!) of personal data on demand. We currently are not sure where (in which systems) we store all that data, not to mention adding features to delete/update all data on request in each of those systems.

2. The requirement to complete description of all processes within the bank which touch personal data. That involves creating a fuckton of documentation, a lot of it for systems where required knowledge is missing (i.e. no one is quite sure how they actually work).




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: