Facilitating compliance to adherence to customer data privacy regulations to support expansion into newer markets
RH sought to identify and encrypt PII data to comply with EU's GDPR standards, enabling expansion within the EU. Their objective involved establishing coexistence of EU and USA applications, minimizing disruptions in accessing business data amidst challenges posed by region-specific regulations. The complexity was further heightened by dependencies on multiple concurrent projects, while there was a need to the provision of a 360-degree customer view and seamless loyalty information across instances.
Accellor conducted a thorough examination of the client's Salesforce configuration to pinpoint fields containing PII data requiring encryption. Given the extensive field count, a tailored tool was created to identify various field dependencies (rules, reports, Salesforce AppExchange products, automations, workflows, etc.), with an analysis of their impact and the identification of workarounds.
Salesforce's Shield Platform encryption was chosen to encrypt customer data and fields within the CRM, with the initial analysis filtering out fields limited by Shield constraints. The encryption scheme was determined based on field usage. Accellor scrutinized over 30 objects, 650 fields, 900 reports, 90 business process automations, several integration systems, and AppExchange apps, identifying 78% of the fields for encryption. The choice between deterministic or probabilistic encryption schemes was made depending on record usage.
Accellor successfully encrypted more than 500 fields using the Salesforce Shield Platform encryption, seamlessly integrating with existing setups and app integrations without any disruption to business operations. Following the analysis, the encryption was implemented within approximately 8 weeks, ensuring Restoration Hardware's readiness for expansion into the EU.
