What is the best way to handle GDPR by business users in redshift?

Question

We  have been facing issues about responding to GDPR requests for the data stored in our redshift warehouse. Main issue is data stewards who are responsible for this are mainly business users and they have lot of redshift clusters. Is there a way by which end users can query across the databases to respond to the Right to be forgotten requests?

Accepted Answer

Responding to Right to Be Forgotten (RTF) requests could involve multiple steps where data discoverability is a critical element. Specific to your use case, I think the newly launched service Amazon Datazone - https://aws.amazon.com/about-aws/whats-new/2023/03/aws-amazon-datazone-preview/,  will be an useful option. Data stewards can be added to Datazone domain who can manage the business catalog and metadata glossary - https://docs.aws.amazon.com/datazone/latest/userguide/create-maintain-business-glossary.html. Authorization model using Datazone profiles and roles help streamlining access control across publishers and consumers of the data. - https://docs.aws.amazon.com/datazone/latest/userguide/security-authorization.html

What is the best way to handle GDPR by business users in redshift?

관련 콘텐츠