Privacy by design becomes necessary
A phrase you will hear a lot more as GDPR gets closer to being enforced is “Privacy by design”. In many ways this will be the cornerstone of the legal framework, but it is expected to take a while to be implemented. This is because it is a core principle that will fundamentally change not only user organisations but also the way software development companies approach upcoming product releases and future upgrades. The reason is that organisations will have to show that they have prioritised keeping individual client data accessible only to authorised personnel. That emphasis on privacy will have to be embedded in the business processes of the organisations, including the tools they use to process the information. This will automatically filter down to all of a company’s vendors, which should provide solutions that mirror the company’s policies. There are also some ‘Principles of privacy by design’.
Principles of Privacy by design
These principles were developed a while back, and not just because of the recent EU legislation: they were drawn up by the ICO equivalent in Canada in the 1990s, which shows the global commitment to a consistent framework in dealing with securing clients’ data. Many countries adopted these principles in a joint conference in 2010 and this was later ratified by the US.
These principles are as follows:
1. Proactive not reactive: In other words, to be prepared for every eventuality. They want to see thought put into what could possibly go wrong and the consequences, and to see mitigation of the risks built in.
2. Default setting: The system has that principle in its standard build and no other alteration is required to bring it up to scratch. There should not be anything extra a staff member needs to do to comply with these policies.
3. Embedded into the design: Part of the architecture, not just an add-on.
4. Full functionality: Able to meet all the needs of each of the stakeholders without diminishing the system’s core functionality.
5. End to end security: Has to incorporate the entire life cycle of the information and be considered at each touch point.
6. Transparent: A third party or regulator can verify the process. This confirms an element of trust if people can understand the process.
7. User centric: Must be user-friendly and easily understood by staff and clients.
Implications for software?
Depending on what language the program is written in, Excel can extract information from a data file and place it into a worksheet for analysis. Most programs have an “office link” which allows exporting data directly into Excel, or you can create an “ODBC” link directly into the back end. Excel can also be used as an intermediary between two programs: information is exported as a .txt or .csv file and reformatted for import into another solution (e.g. payroll summaries into an accounting package).