Ask HN: How does your org handle PII storage/access in a microservice ecosystem?
A lot of this has tiebacks to GDPR/CCPA/etc.. but I'm interested in the technical implementations more so than the regulation side of things.
For those of you working places with a microservice-ish based ecosystem and a fair amount of PII (e.g. names, emails, addresses, phone numbers): how do you provide/distribute that data to internal services if/when they need it? Do you allow services to store copies? Do you centralize all that info in a user/profile/etc... service and make everything ask for it when required? etc...
(I'll respond in a comment with what we do internally as to not derail responses)
0 comments
[ 2.5 ms ] story [ 13.4 ms ] threadNo comments yet.