GDPR (General Data Protection Regulation) is coming into effect in May 2018, and because it can have significant impacts on your database management (in terms of set up, how they are managed and what processes happen), organisations should be in planning stages now.
We’ve put together a series of short guides to help IT Directors, CIOs and their partners understand what options are out there to help you not only to be compliant, but to do this efficiently without over burdening your database management team.
GDPR GUIDE 1: PSEUDONYMISTATION
Pseuodonymisation refers to the process that means that personal data can no longer be attributed to a specific data subject without the use of additional information. The information is stored separately, and is subject to strict measures to ensure this non-attribution is maintained.
This process is suggested by the GDPR regulation, as it significantly enhances data security and eases the reporting burden. This is because if there is a breach, the data will be masked. It also eases the burden of Data Access requests, because pseudonymised data is excluded from this.
Overall this means that implementing this can ensure better security and a reduced cost of GDPR compliance.
The 3 steps to pseudonymisation are:
- Map where personal data is processed; make sure you include non-production environments
- Appoint of Chief Data Protection Officer and give them the right tools to control data across the business
- Integrate data masking from the outset, to ensure all personal data is masked by default
There are other benefits to the organisation from implementing this process, including greater business agility. Ask us for more information.