This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
data_retention [2016/06/04 22:07] geelling |
data_retention [2018/07/18 20:08] (current) geelling |
||
---|---|---|---|
Line 20: | Line 20: | ||
* Retain indefinitely (default) | * Retain indefinitely (default) | ||
- | //note: retention period applies to the last time a form was changed or actioned in workflow, applications are treated as unsuccessful if ANY workflow field __starts__ with Decline, Withdraw, W/D or Fail (eg Declined, Withdrawn, W/D Dup will all be included)// | + | //note: form level retention rules are applied based on the last time a form was changed or actioned in workflow, applications are treated as unsuccessful if ANY workflow field __starts__ with Decline, Withdraw, W/D or Fail (eg Declined, Withdrawn, W/D Dup will all be included)// |
3. At field level, you can define which fields on application forms are treated as personal data | 3. At field level, you can define which fields on application forms are treated as personal data | ||
* [[special_treatment|standard library fields]] marked [PD] are always treated as personal data | * [[special_treatment|standard library fields]] marked [PD] are always treated as personal data | ||
- | * [[special_treatment|standard library fields]] marked [PDS] (eg search results) are treated as sensitive personal data and are always redacted after the short retention period has passed //regardless of the form-level rule applied// | ||
* other fields are treated as personal data if PERSONAL_DATA is added to special treatment | * other fields are treated as personal data if PERSONAL_DATA is added to special treatment | ||
+ | * [[special_treatment|standard library fields]] marked [PDS] (eg search results) are treated as sensitive personal data and are always redacted after the short retention period has passed //regardless of the form-level rule applied// | ||
+ | * other fields are treated as sensitive personal data if SENSITIVE_DATA is added to special treatment | ||
+ | |||
+ | //note: sensitive personal data is destroyed when the short retention period has passed from the date the customer submitted their form, not from the date of any credit or ID searches// | ||
+ | Encryption of sensitive personal data (new in release 6.8) | ||
+ | * Sensitive personal data is now encrypted on the database for additional security in the event of a data breach | ||
+ | * Encryption is automatically applied to all [PDS] fields, and fields marked SENSITIVE_DATA in special treatment |