Managing personal information in accordance with GDPR
As an administrator, you might experience users asking that their personal information (PI) be erased or corrected in accordance with the EU General Data Protection Regulation (GDPR). This section describes the most common scenarios that you might encounter and the actions that you need to take to satisfy the user requests.
Let’s say that a user who has left the company, for example, Carla Smith, requests to have her personal information erased. Most scenarios involve your changing the user’s name and email address so that they no longer reveal the user's identity. “Carla Smith” would become, for example, “Former Employee57” and her email address “formerempl57@organization name.com," depending on what system of pseudonymised names and addresses your organization decides on. Your organization should keep accurate records of these changes to avoid confusion should you have future dealings with the same users.