- 30-06-22Eén op de vijf IT-beslissers heeft weinig vertrouwen in databescherming en privacy in de cloud
- 27-05-22Update RFO netwerk incident 17-04-2022
- 23-05-22Freedom of Information Coalition (FOIC) stapt naar de Europese rechter
- 04-05-22Drie op de tien IT-beslissers: beveiliging klantdata laat te wensen over
- 21-04-22Kwart IT-beslissers vindt aandacht voor privacy overdreven
- 19-04-22RFO Netwerk Incident 17-04-2022
- 07-04-22Locatie dataopslag niet in top drie argumenten voor keuze cloudprovider
- 09-03-22The Hague Centre for Strategic Studies migreert dataplatform naar BIT NL Cloud
- 22-02-22Vier op de tien IT-beslissers weten niet wat cloudprovider doet aan databeveiliging
- 21-02-22BIT-MeetMe weer volledig open
Privacy by design: investing means profit
The internet is under pressure. We are putting more importance on our privacy and personal data should be stored and processed in a safe manner. Corporate processes that handle personal data are rarely set up optimally. This is often because employees in organisations are informed about handling personal data (more) carefully after the fact, instead of beforehand. Errors and indifference are always a threat. That has to change. That is why it is important to take privacy into account from the very beginning of designing an information system: privacy by design. But where do you have to pay attention to with privacy by design? I will give you three tips in this blog:
1. Minimise data
The first tip may sound obvious: minimise data. Do not collect data that you will not use eventually use, that is needless data. Check for all data collection processes whether the data is actually necessary to provide our service or product. A striking example is a contact form on the website. Is there a field for the post address or visitor address? Ask yourself whether this is really necessary. Ask yourself whether you are actually going to approach your client on their post address. The essence is this: data that you do not collect, you do not have to secure. And that means nothing can go wrong. It also saves time and both the data and the person do not run any unnecessary risks.
2. Pseudonimise data
It is quite simple: only collect data you truly need. But also the necessary data should be safe. To minimise the chance of damage, it is advisable to pseudonimise the collected data. When data is not used in its original form, it is wise to replace identifying data – like name, IP address and email address – with a code. That way you safeguard the identity of the person in question without losing individual data.
3. Delete unnecessary data
This tip might also be an obvious example, but it is crucial nonetheless: only save data when it is necessary to reach a goal. Personal data are collected and processed with a certain purpose. In case the purpose for which the personal data were processed is no longer present, delete the data. Think about data that has been collected for a campaign that has ended. It is wise to build systems that automatically delete such data in order to make the transition smoother.
Privacy by design might sound like a hip, needless term. But it generally comes down to setting up your processes in such a way that they automatically safeguard privacy. That means that there is no unnecessary data collection and that decreases the chance of errors drastically. And that is what we should all aim for. Then the internet will be a lot safer for all of us. And who does not want that?
Want to know more? Read the manifest and e-book: https://internetschoon.nu/
By: Wido Potters