ROI

GDPR: Use a Privacy Reference Model

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 15 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. But using a Privacy Reference Model will help. Continue reading “GDPR: Use a Privacy Reference Model”

Privacy Benchmark your site

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 16 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design and improve your systems to meet the GDPR is not straightforward. But before you are done it is advised that you perform a view simple privacy tests. Especially on your website(s). Continue reading “Privacy Benchmark your site”

The good and easy way: ‘Privacy by design’ design patterns

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 17 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. To be compliant with the GDPR you must apply to article 25 “Data protection by design and by default“. Also known as ‘Privacy by design‘. But applying this approach can be complex and time consuming. Continue reading “The good and easy way: ‘Privacy by design’ design patterns”

GDPR: Pseudonymization or Anonymization

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 18 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to handle the GDPR is not straightforward when dealing with data masking.  Continue reading “GDPR: Pseudonymization or Anonymization”

The Web never forgets: The right to be forgotten

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 19 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to handle the GDPR is not straightforward. The GDPR introduces a right for individuals to have personal data erased. This right to erasure is also known as ‘the right to be forgotten’. Continue reading “The Web never forgets: The right to be forgotten”

The rise and fall of the DPO (Data Protection Officer)

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 20 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to handle the GDPR is not straightforward. The 261 pages long is not known for its clarity. There is e.g. some confusion on the DPO. Continue reading “The rise and fall of the DPO (Data Protection Officer)”

Do you still use fingerprinting?

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 21 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how to design your systems to meet the GDPR is not straightforward. Especially when you make use of third-party services.

But tools and methods that can detect if you track users can help you when creating new Internet facing systems. Continue reading “Do you still use fingerprinting?”

GDPR: How to store personal data?

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 22 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining how you should store private data is not straightforward. The GDPR has some guiding principles and you can find several documents with a title like ‘Privacy by Design’. Continue reading “GDPR: How to store personal data?”

No more confusion: An IP address is personal information

Maybe you have noticed it. Privacy is an issue. A bit strange since there are only 23 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

So before end of May 2018 all organizations that process data of EU citizens must comply with this General Data Protection Regulation. Determining exactly what private data is not straightforward. What does not help is that a lot of information on many sites regarding on what is allowed under the GDPR is plain wrong. E.g. there is a lot of confusion about the object ‘IP address’. Is an IP address personal information or not? Continue reading “No more confusion: An IP address is personal information”

The GDPR core principles

Maybe you have noticed it. Privacy is becoming an issue. A bit strange since there are only 24 days left until the new EU General Data Protection Regulation (GDPR) will become fully enforceable throughout the European Union.

Retrieving requirements and principles using the official GDPR document is crucial to make sure you apply to the regulation. Luckily the GDPR contains besides (a lot of) requirements also some key principles. Continue reading “The GDPR core principles”