Managing personal information in accordance with PI laws

As an administrator, you might experience users asking that their personal information (PI) be erased or corrected in accordance with local and international PI laws, for example the EU General Data Protection Regulation (GDPR). This section describes the most common scenarios that you might encounter and the actions that you need to take to satisfy the user requests.

Let’s say that a user who has left the company, for example, Carla Smith, requests to have her personal information erased. Most scenarios involve your changing the user’s name and email address so that they no longer reveal the user's identity. "Carla Smith" would become, for example, "Former Employee57" and her email address "formerempl57@organization," depending on what system of pseudonymised names and addresses your organization decides on. Your organization should keep accurate records of these changes to avoid confusion should you have future dealings with the same users.