Class Name: UpdatePracticeSiteBatch¶

Last Updated: 2025-10-22 Source Code: UpdatePracticeSiteBatch.cls

API Name: UpdatePracticeSiteBatch Type: Batch Test Coverage: Not specified

Business Purpose¶

This batch class anonymizes PracticeSite__c location and contact information for accounts marked as anonymized, supporting healthcare data privacy compliance while maintaining system functionality.

Class Overview¶

Sharing Model: with sharing
Access Modifier: public
Interfaces Implemented: Database.Batchable, Database.Stateful

Key Responsibilities¶

Identify PracticeSite__c records linked to anonymized accounts
Clear sensitive practice contact information (phone, website)
Zero out geolocation coordinates
Replace address fields with anonymized data
Mark processed records with Anonymized__c flag

Public Methods¶

start¶

public Database.QueryLocator start(Database.BatchableContext bc)

Purpose: Identifies PracticeSites needing anonymization. Business Logic: Queries up to 50,000 anonymized accounts, excludes accounts with active users, returns PracticeSites where Anonymized__c = false

execute¶

public void execute(Database.BatchableContext bc, List<PracticeSite__c> scope)

Purpose: Anonymizes practice site data. Business Logic: Sets Name, Address__Street__s, Address__City__s = account.LastName; Appointment_Phone__c = '', Website__c = '', Address__Latitude__s/Longitude__s = 0.0000000; Address__PostalCode__s = account.PersonMailingPostalCode; Anonymized__c = true

finish¶

public void finish(Database.BatchableContext bc)

Purpose: Outputs completion debug message.

Dependencies¶

Salesforce Objects¶

PracticeSite__c: Custom object being anonymized (Name, Appointment_Phone__c, Website__c, Address__* compound fields, Anonymized__c, Account__c)
Account: Parent accounts (Anonymized__c, LastName, PersonMailingPostalCode, PersonContactId)
User: Active user filtering (ContactId, isActive)

Governor Limits Considerations¶

SOQL Queries: 3 (accounts, practice sites, account details in execute) DML Operations: 1 per execute batch Bulkification: Yes - processes up to 200 records per execute

Error Handling¶

Strategy: Database.update(allOrNone: false) allows partial success Logging: No debug statements (cleanest implementation) Missing: No try-catch, no error logging, no notifications

Security Considerations¶

Sharing Rules: Enforces sharing (with sharing) Field-Level Security: Not enforced CRUD Permissions: Not enforced Data Privacy: Irreversible anonymization - backups critical; healthcare data requires special handling

Test Class¶

Test Class: UpdatePracticeSiteBatchTest.cls

Pre-Go-Live Concerns¶

CRITICAL - Fix Before Go-Live¶

LOGIC BUG: Line 9 uses "isActive = true" which correctly excludes active users (this batch has CORRECT logic unlike others)
NO ERROR HANDLING: Missing try-catch and error logging
IRREVERSIBLE: No rollback mechanism - ensure backups exist
HEALTHCARE COMPLIANCE: Verify anonymization meets HIPAA and state privacy laws

HIGH - Address Soon After Go-Live¶

Add comprehensive error handling and logging
Add email notifications for batch completion/failure
Implement retry mechanism for failed updates
Verify impact on practice directory functionality

MEDIUM - Future Enhancement¶

Make anonymization patterns configurable (Custom Metadata)
Add audit trail tracking
Make LIMIT 50000 configurable

LOW - Monitor¶

Monitor batch execution time
Track failed record updates
Review impact on practice search and directory features

Maintenance Notes¶

Complexity: Medium Recommended Review Schedule: Quarterly Key Maintainer Notes: - Part of larger anonymization framework - This batch has CORRECT active user filter logic (isActive = true on line 9) - unlike other batches - Clears phone and website completely (empty strings) - Sets geolocation to 0.0000000 (may affect mapping features) - Healthcare data requires special privacy considerations - Test impact on practice directory and search functionality - Backup PracticeSite__c records before running