General Data Protection Regulation

In May 2018, the European Union introduces a far-reaching legislation for the protection of personal information. By legislating meaningful rights for the individual, and the corresponding obligations on the organisations who manage the information, the power of the information is transferred to the individual. To ensure compliance imposed severe penalty payment.

General Data Protection Regulation (GDPR) will bring revolutionary changes in IT systems over the coming months.

It will also involve major efforts to adapt all the systems and procedures to the new requirements. This opens up great opportunities for those who deliver services and products in the field of information security. It is no exaggeration to compare the scope of work with the Y2K adaptation.

 

Unlinkability, transparency and influence

The traditional information security objectives: confidentiality, integrity and availability is now complemented by three new objectives: unlinkability, transparency and influence. These goals are contradictory pairs; one can not, for example have maximum availability and maximum confidentiality at the same time. Therefore, it becomes a necessity to understand the implications of different technical design decisions so that the solutions being built are balanced between the different objectives. The focus is about to shift from the traditional objectives against the new.

 

Privacy by design

It will be cheaper for those who are designing for privacy from the outset (privacy by design). Whoever designs without understanding these impacts will need to be correct in hindsight - something that will always be more expensive than doing it right from the start. Therefore, expertise in the field of information security is crucial to success.

The level of information security required doesn’t have to be complex. It’s more about finding new, smart applications for information exchange. That’s where Advenica’s innovative solutions help.