Personal data destruction

Note: The data destruction features described in this topic provide a set of features that help enable insurers to comply with some of their data destruction requirements. These requirements may be driven by insurers’ policies and practices, as well as by their interpretation of various regulatory requirements. Such regulatory requirements may come from, for example, the European Union General Data Protection Regulation (GDPR) or the New York State Cybersecurity Requirements for Financial Services Companies law.

PolicyCenter supports destruction of some kinds of data. Destruction can mean either purging the data completely from the database or it can mean obfuscating data, making the original contents permanently unreadable.

Obfuscation might be required if destroying the data affects contacts that cannot be destroyed. For example, purging user data for a former employee could affect hundreds or even thousands of contacts. Therefore it makes more sense to obfuscate the data for the user and leave the other data alone.

Guidewire provides several Cloud API endpoints that obfuscate or purge personally identifiable information (PII). Note that while the terms destruction and destroy encompass both obfuscating and purging, in Cloud API the destroy endpoints perform a purge.

PolicyCenter provides the following endpoints for data destruction:

  • POST /admin/v1/users/{userId}/obfuscate
  • POST /common/v1/contacts/{contactId}/destroy
  • POST /account/v1/accounts/{accountId}/destroy
  • POST /policy/v1/policies/{policyId}/destroy

The following supporting endpoints are also discussed in this topic:

  • POST /common/v1/contacts/{contactId}/do-not-destroy
  • POST /common/v1/search/contacts
Note: For detailed information on data destruction, refer to the following resources: