In this dedicated GDPR guide of best practices, 4D helps you to build your GDPR compliance and get you started with your General Data Protection Regulation journey.
In this blog post, we’ll focus on a specific key step of this journey: discovery and how 4D can help you create an overview of existing personal data, via a built-in functionality. We’ll even provide you a code example!
comment field to the rescue
GDPR covers everything that can be considered personal data. That doesn’t just mean photos, and documents, it can also be things as basic as names and birth dates. 4D includes features designed to help you comply with these requirements.
For example, every table AND every field has a Comment field in the Structure Editor where you can enter a note indicating that this structure contains personal data and is, therefore, concerned with the GDPR.
Running the Find in design dialog using ‘GDPR’ as a search term will then get you a list of all the fields marked with the ‘GDPR’ keyword. And an Export Results item is available in the action menu, which allows you to export the search results in a text file!
Records of processing activities
GDPR requires maintaing “Records of processing activities” that manipulate personal data. This requirement is described in article 30. 4D helps you to easily extract records and generate reports in order to get more insights on data impacted by GDPR.
The EXPORT STRUCTURE command extracts the structure definition of the current 4D database in XML format. This lets you explore the elements and attributes of your XML tree, which in turn, helps you retrieve fields considered to be containing personal data.
In this database example, we provide the code to help you generate this type of report. Feel free to adapt it to your own needs and context. For users with earlier versions of 4D (older than 4D v16), we’ve used the Extract GDPR fields method to allow you to implement it in your code, too.