+ Start a Discussion

Anonymization in GDPR

Based off new GDPR rules in EU, we need to anonymise the contact and Lead personal details. Salesforce provides obfuscateUser() to anonymize the User data.
Is there an equivalent process available to anonymise th Contact and Lead personal details. Or should we implement a custom logic for the same.
Will Shield Platform Encryption, encrypt [anonymise] the data for all users in Salesforce and for third party.
Also what would be the impact of enabling the 'Data Protection and Privacy', from Setup =>Search.

Kind regards,
Nathan EhrmannNathan Ehrmann
1. Indeed, obfuscateUser() can only be applied to users. You could certainly write your own methods that scramble some fields on the Contact or Lead record using a method from the Crypto class and invoke them from execute anonymous or with some triggering field on the record.

2. Judging from SFDC's literature, it sounds like any packages on the AppExchange have to respect the encryption, since that is in the metadata layer. Any middleware / ETL would have to respect that as well, so it seems like decent coverage.

3. Data Protection and Privacy adds an object called Individual.


It also adds Lookup fields from Lead, Contact, and Person Account to an Individual record. The record stores privacy preference settings.