GDPR Anonymization is available as LUCS feature to support the new General Data Protection Regulation (GDPR) and to correspond to data privacy laws across the Europe. The ‘Data Privacy’ page in the sidebar (application menu) presents a calls history for any specific selected customer. This functionality allows you to completely anonymize the data entry, keeping it for reporting purposes but allowing no further trackback to a particular caller.
The page is available to users with System Administrator permissions or any individual user with the "Data Privacy" role.
The anonymization is done using a stored procedure called [mgt].[usp_GDPR_anonymize]. It is created for
- anonymization of a specific customer identifier in reporting data
- delete a specific customer identifier from db routing tables
- replacement of the following external identifiers in reporting data with “sip:privacyAnonymized@domain.local”
- changing external identifiers in ExternalUri table and replicate it into all reporting data
Using the Feature in WebConfigurator
- To access the feature, click on the "Data Privacy" icon in the sidebar.
→ The "Customer Data: Search" page will open
- Use the search field or pulldown to select a customer. You may use a PSTN Number, SIP, URI or clear user name to search.
After you start typing any identifiers in search the information is displayed as follows:
Customer's calls history on Data Privacy page
→ If an entry is not present: LUCS call data is pushed into reporting tables using SQL dataloader procedures at regular specified interval - dependent on your initial Database setup. If you are missing recent customer call data to anonymize, allow for at least 30 minutes for entries to appear in this list.
You can now start the process upon clicking the ‘ Anonymize Data ’ button.
The process of anonymization is irreversible and will affect all the elements you identified with the search. Make sure you have narrowed the search down to just the elements you want to anonymize.
→ The following confirmation pop-up is displayed:Data Privacy: Confirmation pop-up for data anonymization
→ After data anonymization took place the page is automatically refreshed.
→ The anonymized data entry will not be listed anymore.
What Anonymization Does
To list the entries for anonymization the following query is executed in the database::
EXEC [mgt].[usp_GDPR_anonymize] @VerboseOutput = 0, @CustomerSip = '<YourSearchString>', @ExactMatch = 1, @Action = 'SELECT'
Once you click 'anonymize data' the following query is executed in the database:
EXEC [mgt].[usp_GDPR_anonymize] @VerboseOutput = 0, @CustomerSip = '<YourSearchString>', @ExactMatch = 1, @Action = 'DELETE'
To the following effects:
- Delete from db routing tables
- Replace the following external identifiers in reporting data with "sip:privacyAnonymized@domain.local"
- Change it in ExternalUri table and replicate it into all reporting data by running "integration job" & "aggregation job" into cube
- Support inbound & outbound: Replace InitialSipFrom & InitialSipTo in all session and reporting data
- Anonymize all Text Fields where the identifier is stored in dbo, etl.Transform, etl.Extract, Reporting and in OLAP Cube
- Anonymize also tables like CustomerIdentifierPreferredAgent, CustomerIdentifierBlackList, etc
Retrieve Anonymized Tables
To retrieve a list of anonymized tables and coluimns, perform the following query:
SELECT * FROM [mgt].[GDPR_FieldList]
Tables cleaned up are as follows: