Presentation is loading. Please wait.

Presentation is loading. Please wait.

Test data preparation for GDPR compliance

Published by暗 阚 Modified over 5 years ago

Similar presentations

Presentation on theme: "Test data preparation for GDPR compliance"— Presentation transcript:

1 Test data preparation for GDPR compliance
Presented by Florence ROLLAND-SOULIER © All rights reserved

2 GDPR core principles Data subject rights © All rights reserved

3 GDPR core principles – data subject rights
Breach Notification (within 72 hours) Right to Access by the Data Subject Right to be Forgotten / Right to Erasure Right to Object Processing & Right to Restriction of Processing Data Portability Privacy by Design → How does it impact sample datasets used for tests? → What can be considered as “Personal data”? 3 © All rights reserved

4 GDPR core principles Right to be Forgotten © All rights reserved

5 GDPR core principles – Right to be Forgotten
How do we know when we should remove data from a dataset? How long should we keep our datasets? Conditions for erasure? 5 © All rights reserved

6 GDPR core principles Right to Object Processing
& Right to Restriction of Processing © All rights reserved

7 GDPR core principles – Right to be Object
Articles 18 and 21 are related to each other Using data for testing purposes can be considered processing The data subject can oppose the erasure of the personal data and request the restriction of their use instead 7 © All rights reserved

8 GDPR core principles Privacy by Design © All rights reserved

9 GDPR core principles – Privacy by Design
Data protection through technology design Pseudonymisation is not enough Basic data obfuscation is certainly not enough Why do we use production data, or data derived from production data, for testing? 9 © All rights reserved

10 GDPR core principles – Privacy by Design
What can we use to identify an individual? Think about a few examples and write them down. 10 © All rights reserved

11 GDPR core principles – Privacy by Design
Think beyond social security numbers, names and dates of birth. Can you identify an individual with combination of « insensitive » data types? In this dataset, what can be used to identify an individual? 11 © All rights reserved

12 GDPR core principles – Privacy by Design
12 © All rights reserved

13 How to solve the privacy issue
Put on your white hat © All rights reserved

14 How to solve the privacy issue when you test with production data
Analyze, clean and organize your data Minimize your datasets Do not store datasets that are bigger than necessary When it is possible, use randomly generated data (NOT production data) 14 © All rights reserved

15 Advocate for Privacy by Design
Why does it matter? © All rights reserved

16 Advocate for privacy by design
16 © All rights reserved

17 Questions? © All rights reserved

Download ppt "Test data preparation for GDPR compliance"

Similar presentations

1 Role of the Data Protection Officer Donald Henderson Information Compliance Manager 30 September 2010.

1 Role of the Data Protection Officer Donald Henderson Information Compliance Manager 30 September 2010.
The EU General Data Protection Regulation Frank Rankin.

The EU General Data Protection Regulation Frank Rankin.
How Prepared are Nordic CIOs for GDPR Compliance?

How Prepared are Nordic CIOs for GDPR Compliance?
Data Protection Regulation

Data Protection Regulation
Tony Sheppard Mobile Guardian

Tony Sheppard Mobile Guardian
GDPR Impact.

GDPR Impact.
Data Protection Officer’s Overview of the GDPR

Data Protection Officer’s Overview of the GDPR
Key changes with the GDPR

Key changes with the GDPR
Accountability & Structured Privacy Management

Accountability & Structured Privacy Management
Processing for archiving purposes in the GDPR

Processing for archiving purposes in the GDPR
GDPR (General Data Protection Regulation)

GDPR (General Data Protection Regulation)
What Does GDPR mean for you

What Does GDPR mean for you
Understanding EU GDPR from an Office 365 perspective

Understanding EU GDPR from an Office 365 perspective
Viewing the GDPR Through a De-Identification Lens

Viewing the GDPR Through a De-Identification Lens
Presentation to GTMC on GDPR

Presentation to GTMC on GDPR
GDPR – Legal Aspects Desislava Krusteva, Attorney-at-Law, CIPP/E

GDPR – Legal Aspects Desislava Krusteva, Attorney-at-Law, CIPP/E
A new Privacy Policy for the University of Pennsylvania Libraries

A new Privacy Policy for the University of Pennsylvania Libraries
General Data Protection Regulation (GDPR

General Data Protection Regulation (GDPR
General Data Protection Regulation

General Data Protection Regulation
KEY CHANGES TO THE DATA PROTECTION LANDSCAPE

KEY CHANGES TO THE DATA PROTECTION LANDSCAPE

Similar presentations

Ads by Google