Intuit holds sensitive financial information about its customers, which requires it to comply with GDPR and CCPA. In practice, this means enabling customers to access their information and to request its deletion.
To meet these requirements, Intuit built a system with four components: the request manager, a queue or topic, the data managers, and a central document management platform. For access requests, the information is archived and delivered to the customer through the central document management platform. Deletion requests flow from the data managers to the individual services they own.
Competing compliance requirements, distributed status tracking, scaling request processing, organising content, and restartable offline processing were the key challenges Intuit solved for.
- GDPR: General Data Protection Regulation
- CCPA: California Consumer Privacy Act
Intuit is a software company in the financial domain; its products include TurboTax (tax automation software), QuickBooks (accounting automation software), and Mint (personal finance management software). All of these products handle key financial information about customers from across the world, so Intuit is required to comply with GDPR and CCPA to protect that data.
To comply with these regulations, Intuit has to provide its customers with:
- The right to access information: customers can find out what Intuit knows about them. The information is delivered as a single archive in an easily consumable form, within a bounded time.
- The right to request deletion of information: customers can ask for all of their information to be deleted, or selectively choose which information to delete.
There are four components in the approach Intuit used to solve this problem. The first component is the request manager, which manages the requests that come from customers to either access or delete their information.
When the request manager receives a request, it publishes it to a queue or topic, which is the second component.
The queue or topic feeds the third component, the data managers. Products such as QuickBooks are made up of many domains that handle customer data, and each domain keeps its own data manager to carry out these requests, so multiple data managers take part in the flow.
Each domain's data manager collects its data and publishes it to the central document management platform, the final component. There the information is archived and, for an access request, sent back to the customer.
For a delete request, the same flow runs from the request manager to the data managers. Each data manager then connects to the individual services it is responsible for and performs the delete operations.
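The four-component flow above in miniature, as an added example that is not Intuit's code: a request manager records the request's scope and publishes it to an in-memory topic; one data manager per domain handles only its own slice of the customer's data; access slices are collected by a central document platform that exposes the archive, while a delete removes the slice from the store the data manager owns; a status tracker records which domains have finished. The domain names (invoicing, payroll), the customer id and the records are constructed for illustration.

```python
"""Added example, not Intuit's code: request manager -> topic -> data managers
-> central document platform, with per-request status tracking.
Domain names, customer ids and records are constructed for illustration."""
from typing import Callable, Dict, List, Optional, Set
import uuid


class Request:
    def __init__(self, customer_id: str, kind: str, domains: Optional[Set[str]] = None):
        assert kind in ("access", "delete")
        self.request_id = str(uuid.uuid4())
        self.customer_id = customer_id
        self.kind = kind
        # None means every domain; a set means a selective request for those domains only
        self.domains = domains


class Topic:
    """Publish/subscribe fan-out: every subscriber sees every published request."""
    def __init__(self) -> None:
        self.subscribers: List[Callable[[Request], None]] = []

    def subscribe(self, handler: Callable[[Request], None]) -> None:
        self.subscribers.append(handler)

    def publish(self, request: Request) -> None:
        for handler in self.subscribers:
            handler(request)


class StatusTracker:
    """Per-request record of which domains still owe a result (the distributed status)."""
    def __init__(self) -> None:
        self.pending: Dict[str, Set[str]] = {}

    def start(self, request_id: str, domains: Set[str]) -> None:
        self.pending[request_id] = set(domains)

    def mark_done(self, request_id: str, domain: str) -> None:
        self.pending[request_id].discard(domain)

    def status(self, request_id: str) -> str:
        return "complete" if not self.pending[request_id] else "in_progress"


class DocumentPlatform:
    """Central platform that collects each domain's slice and exposes the archive."""
    def __init__(self) -> None:
        self.slices: Dict[str, Dict[str, list]] = {}

    def receive(self, request_id: str, domain: str, records: list) -> None:
        self.slices.setdefault(request_id, {})[domain] = list(records)

    def archive(self, request_id: str) -> Dict[str, list]:
        return dict(self.slices.get(request_id, {}))


class DataManager:
    """One per domain; owns that domain's service store (a dict keyed by customer id)."""
    def __init__(self, domain: str, store: Dict[str, list],
                 platform: DocumentPlatform, tracker: StatusTracker) -> None:
        self.domain, self.store, self.platform, self.tracker = domain, store, platform, tracker

    def handle(self, request: Request) -> None:
        if request.domains is not None and self.domain not in request.domains:
            return  # selective request that does not involve this domain
        if request.kind == "access":
            self.platform.receive(request.request_id, self.domain,
                                  self.store.get(request.customer_id, []))
        else:
            self.store.pop(request.customer_id, None)  # delete from the owned service
        self.tracker.mark_done(request.request_id, self.domain)


class RequestManager:
    """Entry point: records the request's scope in the tracker, then publishes it."""
    def __init__(self, topic: Topic, tracker: StatusTracker, all_domains: Set[str]) -> None:
        self.topic, self.tracker, self.all_domains = topic, tracker, set(all_domains)

    def submit(self, customer_id: str, kind: str, domains: Optional[Set[str]] = None) -> str:
        request = Request(customer_id, kind, domains)
        scope = self.all_domains if domains is None else set(domains)
        self.tracker.start(request.request_id, scope)
        self.topic.publish(request)
        return request.request_id


def build_demo():
    """Wire two constructed domains (invoicing, payroll) with sample data for one customer."""
    stores = {
        "invoicing": {"cust-42": [{"invoice": "INV-1", "amount": 120.0}]},
        "payroll": {"cust-42": [{"run": "2023-04", "employees": 3}]},
    }
    topic, tracker, platform = Topic(), StatusTracker(), DocumentPlatform()
    for domain, store in stores.items():
        topic.subscribe(DataManager(domain, store, platform, tracker).handle)
    return RequestManager(topic, tracker, set(stores)), platform, tracker, stores


if __name__ == "__main__":
    manager, platform, tracker, stores = build_demo()
    rid = manager.submit("cust-42", "access")
    print(tracker.status(rid), platform.archive(rid))
    rid = manager.submit("cust-42", "delete", domains={"payroll"})
    print(tracker.status(rid), stores)
```

The topic is synchronous here, so a request completes within `submit`; with a real broker the tracker's `status` is what a caller polls, and a domain that never reports leaves the request `in_progress` rather than silently counting as done, which is the property the distributed status tracking exists to give.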
The following are the top five challenges Intuit ran into and their solutions:
Competing compliance regulations for information access and deletion: each data element and document carries an attribute recording whether another compliance obligation requires it to be kept. For example, when a CCPA request comes in, the QuickBooks Capital offering would be asked to delete that customer's information; before the data is deleted, the system checks whether any other obligation still requires it, and if so the data is kept for as long as that obligation demands.
Distributed status tracking: they built infrastructure that tracks the status of every part of a customer's request until the whole request is fulfilled.
Scaling request processing on a message bus and message queues: Intuit tunes the system by measuring the consumers' processing speed and the number of messages each broker can take in, so that messages are distributed evenly across all consumers. Apache ActiveMQ is used to process these work-order requests.
Organising content from different data managers: the contents are organised into folders and sub-folders, and each folder also carries a README file that describes the structure of the individual files and explains how the data is to be understood.
Restartable offline processing: the status tracking was extended to the data managers, the services, and the output records the services produced, so that they can tell whether each individual file has been successfully archived. If they run into problems and have to restart, processing resumes from where it left off rather than from the beginning.
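Three of the mitigations above (the retention attribute checked before deletion, the folder-plus-README archive layout, and restart from a per-file checkpoint), as an added example that is not Intuit's code. The obligation labels (`tax-records`, `lending-records`), the dates and the records are constructed for illustration; a real system would persist the checkpoint rather than hold it in memory.

```python
"""Added example, not Intuit's code: retention hold before delete, archive
layout with README files, and a per-file checkpoint so a restarted archive
job resumes instead of starting over. Labels, dates and records are constructed."""
from datetime import date
from typing import Dict, List, Optional, Set, Tuple


class DataElement:
    def __init__(self, name: str, value: str,
                 retain_for: Optional[str] = None, retain_until: Optional[date] = None) -> None:
        self.name, self.value = name, value
        # retain_for names the competing obligation (constructed label); retain_until is the
        # date that hold lapses. A hold with no end date is treated as indefinite.
        self.retain_for, self.retain_until = retain_for, retain_until

    def on_hold(self, today: date) -> bool:
        if self.retain_for is None:
            return False
        return self.retain_until is None or self.retain_until > today


def apply_delete(elements: List[DataElement], today: date) -> Tuple[List[str], List[str]]:
    """Return (deleted names, retained names) for a delete request processed on `today`."""
    deleted = [e.name for e in elements if not e.on_hold(today)]
    retained = [e.name for e in elements if e.on_hold(today)]
    return deleted, retained


def layout_archive(slices: Dict[str, Dict[str, str]]) -> Dict[str, str]:
    """Turn domain -> {filename: content} into path -> content with a README per folder."""
    files: Dict[str, str] = {}
    for domain, contents in sorted(slices.items()):
        for filename, body in sorted(contents.items()):
            files[f"{domain}/{filename}"] = body
        files[f"{domain}/README.txt"] = (f"Data exported by the {domain} data manager.\n"
                                         + "".join(f"- {n}\n" for n in sorted(contents)))
    files["README.txt"] = "Folders:\n" + "".join(f"- {d}/\n" for d in sorted(slices))
    return files


class Checkpoint:
    """Per-request record of files already archived (persisted in a real system)."""
    def __init__(self) -> None:
        self.done: Set[str] = set()


def write_archive(files: Dict[str, str], checkpoint: Checkpoint, out: Dict[str, str],
                  fail_after: Optional[int] = None) -> int:
    """Write files the checkpoint does not list yet; return how many this run wrote.
    fail_after simulates a crash after that many writes (demo only)."""
    written = 0
    for path in sorted(files):
        if path in checkpoint.done:
            continue  # archived before the restart: skip, do not redo
        out[path] = files[path]
        checkpoint.done.add(path)  # marked only after the write succeeded
        written += 1
        if fail_after is not None and written >= fail_after:
            raise RuntimeError(f"simulated crash after {path}")
    return written


SAMPLE_TODAY = date(2024, 1, 15)  # constructed processing date


def sample_elements() -> List[DataElement]:
    """Constructed records: one free to delete, one under a live hold, one whose hold lapsed."""
    return [
        DataElement("email", "a@example.com"),
        DataElement("loan-application", "...", "lending-records", date(2030, 1, 1)),
        DataElement("old-invoice", "...", "tax-records", date(2023, 6, 30)),
    ]


if __name__ == "__main__":
    print(apply_delete(sample_elements(), SAMPLE_TODAY))
    files = layout_archive({"invoicing": {"invoices.json": "[]"}, "payroll": {"runs.json": "[]"}})
    cp, out = Checkpoint(), {}
    try:
        write_archive(files, cp, out, fail_after=2)
    except RuntimeError as err:
        print(err)
    print(write_archive(files, cp, out), sorted(out))
```

The order of operations in `write_archive` matters: the checkpoint is updated after the write, so a crash between the two re-writes that one file on restart rather than skipping a file that was never written. Marking the element `retained` rather than dropping it silently also keeps the delete response honest about what was kept and why.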
Tech stack/Tech solutions: