Deleting Sensitive Data
- Former user (Deleted)
Owned by Former user (Deleted)
This occasionally comes up because someone puts sensitive data in the system. The real solution is prevention, as this procedure is likely not perfect, and repeated fulfillment of these requests ultimately does nothing to discourage bad behavior.
- any sensitive data should be redacted instead of deleting the record (except audit history entries)
- check any journal type fields in the table and redact
- check the email tables for any references to the data and redact
- check the offending record's table and redact
- check the corresponding audit tables
sys_auditandsys_history_linefor the tables you just redacted to delete audit history (filter on Old Value, Old, New Value, and New fields)- temporarily disable the write ACL protecting
sys_history_line.*
- temporarily disable the write ACL protecting
- check non-production instances and repeat these steps, or re-clone (usually audit table contents are not included in clones, but check anyway)
- re-enable any ACLs you changed