Addressing data privacy requests


As a Data Protection Officer or Remedy Administrator, you can handle data privacy requests that an individual raises.

To handle data privacy requests in the AR System database

When an individual logs a data privacy request, the Data Protection Officer or Remedy Administrator needs to act on the request by searching, extracting, or anonymizing the personal data connected to that individual. The following procedure explains how to use the AR System Personal Data Privacy (PDP) utility for performing any of these operations.

  1. Back up the database.
  2. In BMC Helix ITSM, select Applications > Personal Data Privacy, click the PDP Job Console form, and create a job.
  3. Enter the details of the requester, and then on the Personal Data tab, click Add.
    Personal Data refers to the string that is searched in the database. 
  4. Enter values in the Personal Data Label and Personal Data fields.

    For example, to search for mmann@calbroservices.com, where mmann@calbroservices.com is the email address, enter Email Address in the Personal Data Label field and mmann@calbroservices.com in the Personal Data field.

    The Replace with field is auto-populated with a string. When the AR Forget operation is executed, the Replace with string replaces the string entered in the Personal Data field.

  5. Click Add.
    You can add multiple Personal Data strings in a job for a requester.
  6. Click Lock Personal Data to lock the data connected to the requester.

    You can use the Exclusion List or Inclusion List forms. For more details, see Considerations below.

  7. From the Operations tab, select an operation and click Execute.
    The following table describes different types of Execute operations:

    Operation | Description
    ----------|------------
    AR Search | Searches for personal data in the database and displays the results in the Search Result tab.
    AR Extract | Extracts the result of the AR Search operation in CSV format.
    AR Forget, AR Delete | Anonymizes the personal data that is extracted from the search result.

    When the anonymize operation is completed, a message is displayed describing the number of records that were anonymized or failed to anonymize. You can make required changes in the search results and run the operation again for the failed records.

    There might be personal data that is not connected to the user who raised the data privacy request. In this case, examine and modify the search result report to include the personal data that is connected to the user.

    Run the utility for one individual at a time and provide all the possible personal data within the same job to anonymize. This approach produces the optimal number of records to review for the search result of the requester.

    Be sure to anonymize or delete all the personal data for an individual in a single operation. Partial anonymization or deletion of personal data for an individual might cause data inconsistencies in the database and might result in errors within the database.

Statuses in Personal Data Privacy utility

The following table explains the statuses that are displayed across the different phases of the Personal Data Privacy utility.

Status | Description
-------|------------
New | Initial status that is assigned automatically when a job is created.
Waiting for personal data | Personal data is not yet added after the job is created.
Ready for Search | Personal data is filled, and the utility is ready for search operation.
Performing Search | Utility is searching for personal data.
Performing operation | The extract or anonymize operation is in progress.
Successful | The operation was successfully completed for all the selected records.
Failed | The operation was not completed for all of the selected records due to some errors in the data.

To handle data privacy requests in the Smart IT database

When the Personal Data Privacy (PDP) utility (located in the installationDirectory\BMC Software\Smart_IT\SmartITCustomizationUtil\password-encryption-version-BUILD-SNAPSHOT.zip) runs on the User or People form to anonymize the Login Name field for a requester, the Smart IT database needs to be updated with the anonymized string.

  1. Double-click to open the PDP utility:
    (Windows): PDPU_SmartIT_DB_Tool-9.1.05-SNAPSHOT\scripts\win\smartit_pdpu_tool.bat
    (Linux): PDPU_SmartIT_DB_Tool-9.1.05-SNAPSHOT\scripts\linux\smartit_pdpu_tool.sh
  2. Enter the following command to encrypt the password for the Smart IT database:
    Command in Shell mode: pdpu-encrypt-password <your password>
  3. Open PDPU_SmartIT_DB_Tool-9.1.05-SNAPSHOT\scripts\win\..\..\config\application.yml in a text editor and update the following database connection details:

    Field | Value
    ------|------
    driver-class-name | Enter the name of the database.
    url | Enter the URL to access the database.
    username | Enter the name of a user who has permissions to update the database.
    password | Paste the encrypted password that is copied from step 2 in this syntax: ENC(xxxxxxxxxxxxxxxxxxxxxxxx)
    tenantid | Enter the tenant ID between the double quotation marks.

Handling data privacy requests in Smart Reporting

The user sync utility creates jobs to synchronize the Smart Reporting database with the updates that are made on the AR System User and People forms. When an operation is performed on these forms, a corresponding job is signaled to be executed at a scheduled time for a customer. The job schedule is controlled by an escalation that runs every 12 hours and checks for synchronization requests. The user sync utility helps update the Smart Reporting database for data privacy requests.

Considerations

Consider the following points while executing a request for a data privacy operation:

  • You should configure the list of forms in the following forms:
    • Exclusion List—Specifies the names of forms in which the personal data must not be searched. For example, to prevent searching personal data from the Audit form, you must add the Audit form in the Exclusion List.
    • Inclusion List—Specifies the names of forms in which the personal data must be searched.
  • If a form is added to both lists, the Exclusion List takes precedence over the Inclusion List.
  • When the Exclusion List or Inclusion List is not configured, personal data is searched in all the forms.
  • Before executing AR Extract or AR Forget operations, you must execute an AR Search operation. If you select any operation other than Search, an error is displayed.
  • Personal data is not searched inside an attachment.
  • Personal data in the Last modified by field is not anonymized.
  • The anonymization operation cannot anonymize a specific field value if the size of the field is less than the length of the Replace String field value.
  • A data privacy operation is not reversible. Before executing the AR Forget operation, make sure that the entered information string is correct.
  • When multiple Personal Data records are added to a job, sometimes multiple errors are displayed in the job logs of the AR System Personal Data Privacy utility.
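
The scoping rules in the considerations above, modeled as an added example (not part of the original page and not BMC code): it lists the locations where personal data remains after AR Forget so that they can be reviewed manually. The schema, the field sizes, the Short Code, Resume and Log fields, and the replacement string are constructed, and treating a configured Inclusion List as the only forms searched is an assumption.

```python
# Added example: models the scoping rules documented on this page; not BMC code.
from dataclasses import dataclass

@dataclass(frozen=True)
class Field:
    form: str
    name: str
    size: int                  # maximum length of the field, in characters
    is_attachment: bool = False

def forms_in_scope(all_forms, inclusion, exclusion):
    """Inclusion List if configured, otherwise every form; Exclusion List always wins."""
    base = set(inclusion) & set(all_forms) if inclusion else set(all_forms)
    return base - set(exclusion)

def residual_review(fields, inclusion, exclusion, replace_with):
    """Map (form, field) -> reason for every location AR Forget will leave untouched."""
    scope = forms_in_scope({f.form for f in fields}, inclusion, exclusion)
    gaps = {}
    for f in fields:
        if f.form not in scope:
            reason = "form not searched (Exclusion/Inclusion List)"
        elif f.is_attachment:
            reason = "attachments are not searched"
        elif f.name == "Last modified by":
            reason = "Last modified by is not anonymized"
        elif f.size < len(replace_with):
            reason = "field is shorter than the Replace with string"
        else:
            continue
        gaps[(f.form, f.name)] = reason
    return gaps

# Constructed sample schema and replacement string (hypothetical sizes and values).
SAMPLE_FIELDS = [
    Field("User", "Login Name", 254),
    Field("People", "Email Address", 255),
    Field("People", "Short Code", 10),
    Field("People", "Last modified by", 254),
    Field("People", "Resume", 0, is_attachment=True),
    Field("Audit", "Log", 4000),
]
SAMPLE_REPLACE_WITH = "ANON-7f3a9c2e41b0"   # 17 characters, constructed

if __name__ == "__main__":
    gaps = residual_review(SAMPLE_FIELDS, [], ["Audit"], SAMPLE_REPLACE_WITH)
    for (form, name), reason in sorted(gaps.items()):
        print(f"{form}.{name}: {reason}")
```

Each entry in the returned map is a place where the requester's data can survive the operation and needs a separate, documented decision.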

Frequently asked questions about the PDP utility

What if an organization is not established in the EU?

The GDPR applies to the processing of personal data of EU residents, regardless of the location of the organization processing such personal data.

Does the PDP utility search personal data inside attachments?

No.

Who can run the PDP utility? Does it require any special permissions to execute a PDP operation?

The Remedy Administrator or PDP Administrator of Remedy can run the PDP utility.

Can I pause a PDP operation and continue later?

No.

Can I cancel a PDP operation?

No.

What does the Lock Personal data button do?

The Lock Personal data button is used to prevent simultaneous access to the data that is connected to an individual. The personal data must be locked to perform an operation in the PDP utility. Additionally, locking the personal data gives the administrator an opportunity to verify it, because the data cannot change once it is locked.

How do I use the PDP utility for multiple people?

This is usually a request-driven operation. An individual wants to know about stored personal data that is connected to that individual, or requests to be forgotten. This utility helps companies to address such requests for personal data stored in the Remedy solution.

Is the utility available in Remedy as a shared service, too?

Yes, the utility is also available for Remedy as a Service installations.

Can multiple data privacy jobs run at the same time?

It is not recommended to run multiple data privacy jobs in parallel. The jobs can be run from the job console only.

Is it possible to create a workflow to fill the replacement configuration table in the first tab?

Native AR System platform capabilities can be used with the forms for PDP utility. 

If an ex-employee is re-hired in an organization, can the data be reverted back?

There is no built-in revert function. Once anonymized, data cannot be reverted.