Is it always? If that data is immutable, for example?
I'm hoping someone here can suggest a one-way audit-log audit-trail sort of solution, because I need this for the medical industry.
If you have a user table, maybe you can just randomly hash the sensitive user data but keep the record.
Not 100% sure about this though, since you could probably derive the user with statistics like: if it's known that 1 person gets a specific disease every 10 years and you have an obfuscated record of a person connected with that disease, it's fairly straightforward to derive who that person is just through that connection.
https://www.adyen.com/blog/gdpr-what-it-means-for-customer-p...
Please note that by "immutable" I don't mean that data won't get deleted eventually, just that it won't be deleted until nothing needs it anymore (and until then won't be mutated either), so basically the same thing that languages like Haskell mean by "immutable". Then, once you don't need it (= it's not observable anymore), it could perhaps get archived or erased, whatever you prefer.
(Presumably no-one is trying to reference-count GC their RDBMS. If so, I wish them all the luck in the world.)
