GDPR Support (Later) (UXPROD-1641)

[UXPROD-291] GDPR Right of Erasure Created: 03/Mar/18  Updated: 10/Dec/21

Status: Open
Project: UX Product
Components: None
Affects versions: None
Fix versions: None
Parent: GDPR Support (Later)

Type: New Feature Priority: P3
Reporter: VBar Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: gdpr, privacy, round_iv
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Relates
relates to UXPROD-321 Capture User action (GDPR) Open
relates to UXPROD-322 Edge API (Patron Portal) for Right to... Open
relates to UXPROD-323 Anonymization Module integration Open
Potential Workaround: HK-Workaround. Two options: 1. UXPROD 323 should take care of this once all loans, fines and fees are taken care of by the patron. 2. The librarian can complete this by actually Changing the patron name to something like "Right of erasure removed" and manually erasing or changing the other PII fields in the patron record.
Epic Link: GDPR Support (Later)
Front End Estimator: VBar
Back End Estimate: Large < 10 days
Back End Estimator: VBar
Kiwi Planning Points (DO NOT CHANGE): 10
PO Rank: 113
PO Ranking Note: CB: Ranking same as calculated
Rank: BNCF (MVP Feb 2020): R1
Rank: Chalmers (Impl Aut 2019): R1
Rank: Chicago (MVP Sum 2020): R4
Rank: Cornell (Full Sum 2021): R4
Rank: Duke (Full Sum 2021): R1
Rank: 5Colleges (Full Jul 2021): R2
Rank: FLO (MVP Sum 2020): R2
Rank: GBV (MVP Sum 2020): R4
Rank: hbz (TBD): R1
Rank: Hungary (MVP End 2020): R1
Rank: Lehigh (MVP Summer 2020): R4
Rank: Leipzig (Full TBD): R1
Rank: Leipzig (ERM Aut 2019): R5
Rank: TAMU (MVP Jan 2021): R4
Rank: U of AL (MVP Oct 2020): R4

 Description   

This feature is about providing support for GDPR's Right of Erasure. The Folio platform can receive a user generated request for erasure of all user personal data being held in system.
The execution of that request itself will take the form of user anonymisation which is implemented by the GDPR User-centric Anonymisation feature

Estimates from stories:
UXPROD-323 Open Anonymization Module integration FE: None BE: Small < 3 days
UXPROD-322 Open Edge API (Patron Portal) for Right to Erasure FE: None BE: Medium < 5 days



 Comments   
Comment by Björn Muschall [ 28/Apr/19 ]

This should be moderated by the library, as the user may have open fees or loans or other open things outside the system. In this case, the user has no right to erasure, as there is a purpose-related reason for storing his/her personal data. In any case no immediate deletion can be demanded, there is always a given time limit.

Generated at Fri Feb 09 00:07:07 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.