Data platforms, by definition, deal with data. While some types of data are harmless, other types carry liability. In this chapter, we will talk about compliance and data handling. First, we’ll see some examples of data classification and data handling standards. Depending on the nature of the data we process, we will see where we can store it, who can access it, what we can do with it, how long can we keep it, and so on. We will also look at some techniques we can use to change the type of the data. This includes anonymization and pseudonymization of personably identifiable information, and aggregation of sensitive data.
Next, we’ll look at implementing an access model that properly restricts access, including some advanced features provided by storage solutions, like row-level security and access control lists.