Verelogic have proudly been working with a large multi-national Insurance company, who hold a lot of personal client data within their IT systems.
Due to the introduction of the new GDPR regulations governing the retention and holding of individuals personally identifiable information, our client had a requirement to address this.
The key requirement was that any personally identifiable data over 7 years in age had to be obfuscated from the rest of the information that still needed to be retained.
Verelogic worked with our client and identified potentially 5 million documents across a wide range of different IT databases, that would need to be checked and potentially obfuscated. As this information was contained in a live ongoing environment, there was also the requirement for this process to be repeated at regular intervals to ensure GDPR compliance was maintained.
Verelogic designed, developed, and implemented a tool that could be used with all of the different databases within the environment, and worked in a staged approach. The stages were to identify and stamp every document with a new Retain Until date (7 years after creation), then the next stage was to take all the relevant data and obfuscate the personally identifiable data from these records.
Verelogic included a manual intervention process at this point to prevent any data being obfuscated in error, and also a logging process to record who is completing the obfuscation (security check to aid the prevention of malicious obfuscation).
Finally Verelogic have created a schedule for our tool to run across all of the databases at a monthly interval and then provide a report to the client for confirmation of that month’s data obfuscation.
If you think Verelogic can help with any of your IT, or GDPR needs, then please get in touch!