Save Time With Connect Bulk Data Retention Feature

The Bulk Data Retention feature enables you to redact sensitive data for multiple cases in bulk in Jadu Connect, using an API request. This helps you to keep on top of your data, removing it easily when it’s no longer required and helping you with GDPR compliance.

 

How does it work?

You can now redact cases that have - using workflow rules - been moved into a Connect filter, once the data on the case is no longer needed for processing the user’s request. Once moved into a Connect filter, an API post request is made. This can be manual or automated and will take all of the cases in the selected filter and delete all of the personal data in the case. On top of this, you can specify a transition to run after a case is processed as part of the API request. For example, you might wish to move cases to a ‘redacted’ status after the data has been deleted.


NOTE: The redaction will be run for all cases in the filter, regardless of the setting on the case type, to delete personal data which only applies to the manual deletion of data using the case action menu.

 

Setting up a Bulk Data Redaction

  1. Create a filter for cases being redacted
    It may be easier for you to create a status for cases that will be placed in the redaction filter for sensitive data to be removed, e.g. ‘To be redacted’ then you can create your filter which filters on this status.
  2. API User Permissions
    You can ensure that the API users that you will be allowing to make the API request has the ability to ‘delete personal data’ on the user’s role.
  3. Run or configure your API POST request
    You will need to choose a tool that can make a POST request and configure this following the Connect service API guide.

 

Delete personal data from a Connect case

To allow your staff to remove personal data from a Connect case for a case type, go to Settings > Workflow, and find the case type. On the ‘General’ tab, enable the toggle ‘Allow deletion of personal data from cases’, then save the case type.

The user roles that you wish to allow to delete personal data from a case must have the permission to ‘Delete personal data’ enabled which can be found on the ‘General’ tab of the ‘Roles’ page under Settings > User Administration.

When staff delete personal data in a case, the following contents are deleted:

  • Case values for all fields that are marked as sensitive
  • All messages
  • All letters
  • All email alerts
  • All file attachments
  • All case notes
  • The link to a person record (if applicable)
  • The link to an address (if applicable)

Fields with sensitive data

Case values will only be deleted for fields that are marked as containing sensitive data. This means that you will need to review your fields in Jadu Connect and check the box for ‘Contains sensitive data’, for any fields where personal data could be entered by the customer or a member of staff. This is likely to only apply to text, text area, telephone, email and URL fields. You should not allow fields to be deleted if you require the data for reporting purposes.

NOTE: We can include a success transition to be applied following redaction in the request body, in this example the “redact” transition will be applied. Also bear in mind that POST requests cannot be made via the browser and require a third-party tool, some of which will allow you to automate the running of the redaction action on a schedule in line with your needs.


You can keep up to date on the latest Connect releases by reading the release notes.

Back to Blog

Leave a comment