[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Expiring identifiable customer information



Has anyone thought about ways we might expire, remove and optionally
restore identifiable customer/entity information from LedgerSMB datasets?

Obviously, preventing penetration of a production system is the intention.
There's always something in the news about breaches like TJMaxx and
monster.com.

There might be high target-value business which would prefer or be obliged
to no longer store the identifiable information in the production system
after the invoice is closed, as one example.

In my own use case, I think we'd like to use this, and map our own
customer number to an offline archive of the identifiable customer
information. As needed, we would restore individual customer data for a
repeat sale, or temporarily at an auditors' request.

I'm hoping that the revamped entity model in 1.3+ will make something like
this possible.

A simple database API to expire and restore customer data would be really
nice. It might let LedgerSMB move into additional business areas.