GDPR needs: I am not quite sure what is meant by a “tenant”, but it is clear, according to GDPR, that the data lake must not store any data from which a personal identity can be reconstructed (name, address, email, user-id, phone number…) unless for a specific purpose. The need to run reports (not specifically saying what reports) built from these personal data is not an acceptable purpose in front of the law. The need to store the data for an audit trail (who last changed which data set) is not an acceptable purpose, from the GDPR point of view. One would have to justify what one needs this audit trail for.
In general, according to GDPR, the storage of personal data is forbidden unless for legal requirements (e.g. an employer needs to store personal data about their employees). Exceptions can be made with the consent of the person whose data are stored if there is a specific purpose why these data need to be stored. The specific purpose must be indicated at the time the data are collected.