1 hr 9 min
EP53 - AskDeveloper Podcast - Privacy and GDPR AskDeveloper Podcast
-
- Technology
General Data Protection Regulation
Following the Data Protection Directive of 1995
ePrivacy Directive of 2002 (cookie law)
Articles
https://www.smashingmagazine.com/2018/02/gdpr-for-web-developers/
https://www.theverge.com/2018/3/28/17172548/gdpr-compliance-requirements-privacy-notice
General Data Protection Regulation
EU Site:
https://www.gdpreu.org/
Privacy by Design
https://www.smashingmagazine.com/2017/07/privacy-by-design-framework/
Questions
• What?
• Why?
• Who is affected ?
○ Am I a controller?
○ Am I a processor?
• What data is included in protection?
• What protection is required?
• What to protect against? What consent is required?
• What are the penalties?
Privacy Impact Assessments
A Privacy Impact Assessment (PIA), which is required under GDPR for data-intensive projects, is a living document which must be made accessible to all involved with a project. It is the process by which you discuss, audit, inventory, and mitigate the privacy risks inherent in the data you collect and process.
Like all GDPR documentation, a PIA can be requisitioned by a data protection regulator in the event of a privacy concern or data breach. Not having a PIA is not an option.
General Data Protection Regulation
Following the Data Protection Directive of 1995
ePrivacy Directive of 2002 (cookie law)
Articles
https://www.smashingmagazine.com/2018/02/gdpr-for-web-developers/
https://www.theverge.com/2018/3/28/17172548/gdpr-compliance-requirements-privacy-notice
General Data Protection Regulation
EU Site:
https://www.gdpreu.org/
Privacy by Design
https://www.smashingmagazine.com/2017/07/privacy-by-design-framework/
Questions
• What?
• Why?
• Who is affected ?
○ Am I a controller?
○ Am I a processor?
• What data is included in protection?
• What protection is required?
• What to protect against? What consent is required?
• What are the penalties?
Privacy Impact Assessments
A Privacy Impact Assessment (PIA), which is required under GDPR for data-intensive projects, is a living document which must be made accessible to all involved with a project. It is the process by which you discuss, audit, inventory, and mitigate the privacy risks inherent in the data you collect and process.
Like all GDPR documentation, a PIA can be requisitioned by a data protection regulator in the event of a privacy concern or data breach. Not having a PIA is not an option.
1 hr 9 min