Sign up for weekly AppOps insights.

Sign up for weekly AppOps insights.

Data Privacy Checklist for Your Salesforce Sandboxes

Joe Marshall

Sr. Manager, Demand Generation

June 2, 2023

How to manage your Salesforce orgs to meet data privacy requirements

The importance of having a data privacy checklist for your Salesforce sandboxes cannot be overstated. Because although “privacy by design” has long been best practice, due to compliance regulations such as HIPAA, GDPR, and CCPA, data protection and privacy is now mandatory.

Data Privacy Checklist for Sandbox Management

A businessman pointing at a VR image that says "data privacy" representing a data privacy checklist

We designed this data privacy compliance checklist to help you manage your Salesforce sandboxes and adhere to data privacy laws during the Salesforce release process.

Dedicated Environments for Development and Testing

Development and testing are critical to the Salesforce release process. But if you do the work in your production environment, you run the risk of exposing Protected Health Information (PHI) and other sensitive personal data. 

To minimize any risk of direct exposure of sensitive data, you should always use dedicated environments for development and testing. Salesforce offers a variety of options, such as scratch orgs, as well as Developer, Developer Pro, Partial Copy, and Full Copy sandboxes, that can cater to different data needs and testing scenarios. 

Prodly Sandbox Seeding makes it easy to spin up scratch orgs for development and testing—in just a few clicks. This makes it easier for admins and other declarative developers to have their own dedicated environment.

Environment Access Controls

Controlling who gets access to what data in what environment is a cornerstone of data protection and privacy in the Salesforce release process. That’s why you need to put strong environment access controls in place that prevent unauthorized users from accessing orgs that contain PHI and other sensitive data.

Always base these controls on the principle of least privilege, and only grant users access to environments needed for their role. Prodly provides robust environment access controls you can effectively leverage for this purpose.

Data Protection During Transfer Between Orgs

When you move data from one environment to another, it’s vulnerable—especially when it involves downloading CSVs to your desktop. To remain in compliance with HIPAA, GDPR, and CCPA, you need to protect all PHI and relevant personal data during the data migration process.

One way to do this is to use encryption, because it renders the data unreadable to anyone without the decryption key, 

A better option is to use data migration automation. Prodly, for example, provides an extra layer of security over traditional options like Data Loader by eliminating the need to download CSVs to desktops. This significantly enhances data security during transfer.

Use of Low-Level Environments

To comply with data privacy regulations, it’s crucial to minimize data exposure during development and testing. To this end, it’s wise to use the lowest-level environment possible that can fulfill your requirements for development and testing. Because the lower the environment, the less data it can contain.

With Prodly, enforcing this policy is easy. Admins and developers can spin up a scratch org in just a few clicks with just the right amount of data they need for their work—no more and no less.

Data Privacy in Production-Grade Test Environments

In the testing stage, you might need to use PHI or other personal data from production to make sure a configuration works the way you intended. The more your test data resembles your production data, the higher the quality of your testing.

In other words, the best way to test is to use real test data. However, to remain in compliance, it’s critical to prevent unauthorized access to PHI or other personal data. After all, your developer doesn’t need to know the information in the data–just how it behaves in a new configuration.

Fortunately, Prodly Sandbox Seeding solves this problem. Prodly offers data masking and granular data redaction capabilities so you can guarantee privacy while retaining the data’s usefulness for testing. That means you can quickly create production-grade environments for testing without risk of noncompliance.

Clear Data Retention and Deletion Policies for Sandboxes

GDPR mandates strict data retention and deletion policies. You can only retain personal data for the amount of time you need it for the purposes you collected it for. And while your data governance most likely covers data retention in your production environment, you have to be careful that data in your sandboxes doesn’t fall through the cracks.

To prevent unnecessary privacy risks, establish clear data retention policies for all environments in the release pipeline. Specify how long to keep PHI and personal data, as well as how to delete it.

Deletion of Unused Environments

Deleting unused Salesforce environments is a straightforward but effective data privacy measure. If you leave unused environments unattended, they can pose a privacy risk. If they contain PHI or sensitive data that has somehow not been handled with your data retention and deletion policies,  it could lead to unintended data breaches. 

That’s why you should always make sure to delete any environments you’re no longer using. This even goes for scratch orgs, which, although they’re automatically erased after seven days, can still pose an unnecessary risk if they contain sensitive data.

Regular Reviews of Privacy Controls

You should regularly review your privacy controls, settings, and policies for your Salesforce sandboxes. By doing so, you can identify any new or emerging privacy risks and take appropriate action to mitigate them.

Reinforcing Data Privacy in Salesforce Sandboxes

Data privacy should never be an afterthought in the Salesforce release management process. By following this comprehensive data privacy checklist, you can implement compliant Salesforce sandbox management and significantly reduce your risk. Ultimately, this protects your company’s reputation and bottom line.


Which compliance regulations and considerations should I take into account when managing data in Salesforce sandboxes?

When managing data in Salesforce sandboxes, it’s crucial to adhere to a number of compliance regulations such as HIPAA (Health Insurance Portability and Accountability Act), GDPR (General Data Protection Regulation), and CCPA (California Consumer Privacy Act). 

Each of these regulations has different requirements. HIPAA requires the protection of protected health information (PHI). GDPR focuses on the privacy rights of EU citizens when it comes to their personal data, and CCPA regulates how companies manage the personal data of California residents. To avoid noncompliance penalties, it’s essential to understand these laws and manage your Salesforce sandboxes accordingly.


How does data migration automation provide an extra layer of data security compared to traditional options like Data Loader?

Data migration automation—like Prodly—provides an additional layer of security by eliminating the need to download CSV files with PHI and other personal data to local desktops. This limits the potential exposure of sensitive data during transfer and reduces the risk of accidental breaches. Learn more about data migration automation.


What are some best practices for establishing compliant data retention and deletion policies in all environments of the release pipeline?

To establish compliant data retention and deletion policies in all environments of the release pipeline, you should clearly define how long to retain PHI and other types of sensitive data. You should also specify when and how to delete the data. 


Prodly Compliance Center

The gold standard for documenting SOX in Salesforce CPQ!