Skip to content
View dsr-pipeline-engineering's full-sized avatar

Block or report dsr-pipeline-engineering

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

DSR Pipeline Engineering — production GDPR/CCPA Data Subject Request fulfillment pipelines

DSR Pipeline Engineering

Production patterns for GDPR & CCPA Data Subject Request (DSR) fulfillment pipelines — intake routing, cross-system discovery, PII extraction, and tamper-evident audit logging.

🔗 www.dsr-pipeline-engineering.org


DSR Pipeline Engineering is a vendor-neutral, engineering-first reference for building Data Subject Request fulfillment as a deterministic, compliance-bound data pipeline — not a support ticket. Every guide treats access, deletion, rectification, and portability requests as a gated state machine with cryptographic audit trails, jurisdiction-aware routing, and hard statutory SLA boundaries.

It is written for the people who ship this to production: privacy engineers, compliance officers, and data-automation teams. The code is real, copy-pasteable Python built on Pydantic v2 idioms, and every compliance claim cites the specific regulation behind it — GDPR articles, CCPA/CPRA sections, and NIST special publications — rather than hand-waving.

What's inside

The site is organized into four connected areas, each starting with an architecture overview and drilling into focused implementation guides:

  • DSR Architecture & Intake Routing — modeling intake as a finite state machine: secure signed-JSON intake, risk-based identity verification and attestation, deterministic jurisdiction resolution, GDPR/CCPA request-taxonomy mapping, and translating statutory deadlines into pipeline timers.
  • Cross-System Data Discovery & Sync — fanning a verified request out across databases, warehouses, and SaaS APIs: schema validation, connection pooling, rate-limit and pagination strategies, and async queue management with Kafka consumer-lag monitoring, dead-letter retry, and SLA-bounded exponential backoff.
  • PII Extraction & Redaction Pipelines — high-precision detection and removal of personal data: NLP entity recognition and evaluation, checksum-validated regex libraries, confidence-threshold calibration, nested-payload redaction, and choosing between masking, tokenization, and deletion.
  • Audit Logging & Compliance Evidence — proving it happened: hash-chained audit ledgers, write-once (WORM) storage with enforced retention, tamper detection, and regulator-ready closure manifests that a reviewer can verify offline.

Why it's different

  • Deterministic by design — state machines, idempotency keys, and parameterized queries instead of ad-hoc scripts and brittle point-to-point integrations.
  • SLA-aware — statutory deadlines mapped to pipeline timers, with tolling, extensions, and escalation paths that never breach the clock.
  • Audit-ready — cryptographically chained, append-only evidence for non-repudiation and regulator-ready forensic traceability.
  • Cited, not asserted — each pattern is anchored to the regulation or standard that requires it, with hand-authored architecture diagrams for the hardest concepts.

Built with

A fast, dependency-light static site: Eleventy for the build, hand-authored inline SVG diagrams, no client-side framework, and a strict quality-gate suite (accessibility, structured data, internal-link integrity, and performance) run on every change. Deployed on Cloudflare.

Explore

Start at www.dsr-pipeline-engineering.org and follow any area from the top navigation — every page links to its siblings and children, so you can move from an architecture overview to a runnable implementation in a click or two.

Popular repositories Loading

  1. dsr-pipeline-engineering dsr-pipeline-engineering Public

    Production patterns for GDPR/CCPA Data Subject Request (DSR) fulfillment pipelines: intake routing, cross-system discovery, PII extraction, and tamper-evident audit logging.

    JavaScript 1