What are best practices and patterns available within Fauna to handle PII and related actions which would be taken? For example with GDPR we have “right to be forgotten” in which case we would need to delete all, including historic, references to names/addresses/etc in our data sources (aka. Fauna). Is there a way of easily tagging such documents and fields and easily wiping historic data? I’m particularly interested here in relation to temporal queries.
Hi Chris,
I don’t know of an officially recommended way to handle this, but some things you might do would be:
- Include an attribute of
{gdpr: [true|false]}on your documents, allowing you to match any that have that set totruefor special handling. You don’t need to include ones that will befalseas null values would be skipped in the next step, but definitely set any that do need GDPR compliance withtrue. - For any documents with
{gdpr: true}, useEvents()to get a list of all events on the document and then useRemove()to remove that history.
Please see our documentation on temporality and both Events() and Remove() for more details.
Cory