We have a privacy requirement to stop synchronizing users’ personal phone numbers and email addresses to SailPoint IdentityNow one month after their official termination date in Workday.
Currently, our Workday source connector syncs all available attributes, meaning that even after an employee departs, their phone number and email remain in SailPoint as long as they are present in Workday. This poses a privacy concern, and we need to ensure this data is no longer present in SailPoint after a one-month grace period following the termination date. Appreciate if you can give suggestions for us to implement the required solution.
Are these values being populated on the cube? If you need to remove them from a cube you could use a transform to check the user status and populate the value using that.
Another way would be a before provisioning rule that looks at the users status from workday and then map out a null value for the felids after X time.
Other wise the only other way I can think of is to remove that value from the Schema for the workday connector.
This would be a great case for Ask an Architect or expert services. If either of these are an option for you to use.