GDPR, CCPA and Cracking the React Nut

Like React, the Nut Cracking Anvil is hard to understand at first

I’m now deep into building a system that handles Data Compliance regulation tracking and more specifically, lets you inventory all of your data assets and then map Data Compliance Regulations to your data at the column (database table) or field (file) level. It helps everyone in your organization understand your data, where it is, who maintains or processes it, where customer personal information is stored, its Data Quality and Data Security, and how that data “propagates” through all of your systems. You will be able to comply with GDPR and CCPA – and all other Data Compliance Regulations, rules and laws with what turns out to be a pretty simple system.

The back end is being written in Java – Spring Boot and JPA (Java Persistence API), and it’s the first time I’ve really liked Java. The front end is being written in React – which I attempted to learn a year ago – but was so busy I had to hire someone else to take that task on.

So, I find myself in the same position I did a year ago – and this time I decided that I will finish what I started last year – learning React. I must have really learned a lot, and must have thought about React a lot, because all of a sudden – yesterday – the light bulb turned on, and I am pretty sure I totally understand its “zen”.

A great little Book that Gives a Nice Gentle Introduction to “The Zen of React”

Basically, to crack the React nut – you really, really need to know how to organize your React Components – and play with the containers that each Component lives in. Since you have to pass props (parameters / variables) downward from parent to child – and in succession through that lineage – you need to remember “old school” push and pop like we did when we processed a stack. Remember LIFO – last in, first out – or FIFO – first in, first out, etc.? Well – a little bit of that thinking goes a long way. Also – you need to know what Components (usually classes, and usually “wrapped classes”) – and arrange the project directory structure according to good Object Oriented Practices.

This time around I decided to look for React Forms libraries – and Formik has risen to the top. The creator remarks that “Forms in React is really hard” – and yeah – that’s what I learned last year. This year I will get it right – and make this a lot simpler. In addition to the structure – I’ve read that Yup is a library that helps with validating form fields – and because Formik users seem to like Yup – I’ll try that.

So – my system has this stack:

  • Postgres – persistence store of Meta Data (descriptive data for every database column and every file field in every data asset in your enterprise)
  • Spring Boot / JPA – REST API – that will be used by the React App as well as being a “pingable Microservice”
  • React with Google’s Material UI, Formik, Yup, and React Router (at least)

Spring Boot JPA is an ORM – and so I’ve created classes that are a 1:1 to database tables. In React, I have a Form – which is the top level component and “container” for a set of form objects that have sub-containers:

  • Amazon style Search bar
  • Table or File level meta data display (query) and Upsert (no deletes)
  • Column or Field level Meta Data for the tables / files (this is a child of the Table and File level sub-container)
  • Business Use Cases of your enterprise data at the Column or Field level
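
As an added illustration (not code from the system described in this post), here is a minimal in-memory sketch of the column/field-level inventory those sub-containers would edit: upsert-only writes, regulations mapped per column, and a query for where personal information lives. The class, method, asset and column names are all hypothetical, and the sample data is constructed.

```javascript
// Added illustration; every name here is hypothetical, not from the author's system.
class DataInventory {
  constructor() {
    this.assets = new Map(); // asset name -> { name, kind, steward, columns: Map }
  }

  // Insert or update a table/file record. There is deliberately no delete method.
  upsertAsset({ name, kind, steward }) {
    const prev = this.assets.get(name) || { name, columns: new Map() };
    const next = { ...prev, kind: kind ?? prev.kind, steward: steward ?? prev.steward };
    this.assets.set(name, next);
    return next;
  }

  // Insert or update column/field metadata under its parent asset.
  // Regulations and use cases are merged, so an upsert never drops a mapping.
  upsertColumn(assetName, { name, personal, regulations = [], useCases = [] }) {
    const asset = this.assets.get(assetName);
    if (!asset) throw new Error(`unknown asset: ${assetName}`);
    const prev = asset.columns.get(name) ||
      { name, personal: false, regulations: [], useCases: [] };
    const next = {
      name,
      personal: personal ?? prev.personal,
      regulations: [...new Set([...prev.regulations, ...regulations])],
      useCases: [...new Set([...prev.useCases, ...useCases])],
    };
    asset.columns.set(name, next);
    return next;
  }

  // Which columns/fields hold personal information covered by a regulation?
  personalDataUnder(regulation) {
    const hits = [];
    for (const asset of this.assets.values())
      for (const col of asset.columns.values())
        if (col.personal && col.regulations.includes(regulation))
          hits.push(`${asset.name}.${col.name}`);
    return hits.sort();
  }
}

// Constructed sample data.
function buildSampleInventory() {
  const inv = new DataInventory();
  inv.upsertAsset({ name: "crm.customers", kind: "table", steward: "sales-ops" });
  inv.upsertColumn("crm.customers", { name: "email", personal: true, regulations: ["GDPR"], useCases: ["billing"] });
  inv.upsertColumn("crm.customers", { name: "email", regulations: ["CCPA"] }); // merge, not replace
  inv.upsertColumn("crm.customers", { name: "plan_tier", personal: false });
  inv.upsertAsset({ name: "exports/leads.csv", kind: "file", steward: "marketing" });
  inv.upsertColumn("exports/leads.csv", { name: "phone", personal: true, regulations: ["CCPA"] });
  return inv;
}
```

Merging rather than overwriting on upsert means a later partial edit from a form cannot silently remove an existing regulation mapping.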

CCPA is looming over us – it goes into effect January 1, 2020. If you are also under GDPR – and you haven’t tooled up for it – you are already more than a year late for that. We are moving into a whole new world – where data will be regulated like so many other things that have extensive regulations, rules and laws. The fines for violating these regulations are very steep. There are State laws – and some think there will eventually be a standard National set of regulations / guidelines – but not in the near future. CCPA will probably drive what happens at the National level (eventually). This is here to stay – and the cow / horse is out of the barn.

I am very interested in Open Sourcing this – and my manager and others are also very interested. I also have a GREAT legal team in Compliance that I am working very closely with. GDPR and CCPA are really GREAT regulations – and not even because they are giving us all “Data Rights”. They will force all data driven companies to get their Data Management acts together – we will all have to know what data we have where in our enterprise. Data Science Models will now work – because your Data Scientists’ Algorithms fail when Data Quality is unknown at best or downright lousy. Data Security folks will know that “last mile” from a security sense.

I am 1000% sure that the “panic is about to set in” at many companies. I am too busy to pursue Open Sourcing, but perhaps once I can come up for air I will investigate this. I looked for Open Source projects that manage data for compliance and found none. I did find four commercial products – which I have done POCs on, and only Collibra had everything needed – but by no means is a “just install it” proposition. The system I am building is not such a “Maserati style compliance and data management platform” but instead is more of a “just install and feed it” Volkswagen Beetle. I am sure there are companies out there wasting time on products that promise that they handle compliance – and they just don’t. I know – I have been there, done that myself.

What I am building gets the job done – fast, simple and inexpensively.
