How do you fulfill a GDPR erasure request across data stores?
This tests cross-system deletion under GDPR's 30-day SLA. A strong answer maps PII lineage across S3, databases, and analytics; uses soft deletes for backups; and handles dashboards via reprocessing.
This tests whether you can architect a compliant erasure pipeline across heterogeneous storage under GDPR's 30-day deadline. A strong answer first establishes PII lineage to locate the user in raw S3, structured tables, and downstream aggregates. It then proposes soft deletes or cryptographic erasure for immutable backups, cascading deletes with foreign-key handling in databases, and aggregate reprocessing for dashboards. Red flag: treating the request as a simple SQL DELETE while ignoring backup immutability, event logs, and audit trails.
Read the original → aws.amazon.com
- #gdpr
- #data-privacy
- #data-engineering
- #compliance
- #system-design
Get five bites like this every day.
Tezvyn delivers a daily feed of 60-second tech bites with quizzes to lock in what you learn.