الأحد، 1 أبريل 2018

Ask Developer Podcast - 53 - Privacy and GDPR


General Data Protection Regulation

Following the Data Protection Directive of 1995
ePrivacy Directive of 2002 (cookie law)

Articles


EU Site:

Privacy by Design

Questions

  • What?
  • Why?
  • Who is affected ?
    • Am I a controller?
    • Am I a processor?
  • What data is included in protection?
  • What protection is required?
  • What to protect against? What consent is required?
  • What are the penalties?


Privacy Impact Assessments

A Privacy Impact Assessment (PIA), which is required under GDPR for data-intensive projects, is a living document which must be made accessible to all involved with a project. It is the process by which you discuss, audit, inventory, and mitigate the privacy risks inherent in the data you collect and process.
Like all GDPR documentation, a PIA can be requisitioned by a data protection regulator in the event of a privacy concern or data breach. Not having a PIA is not an option.