Data protection from the initial phase of your project

The General Data Protection Regulation reinforces the protection of personal data by requiring organisations to apply the principles of data protection by design and by default.

Privacy by design is a proactive measure (prevents, does not remedy) and seeks protection throughout the life cycle of the product or service (from point to point).

The privacy by design supposes to apply the necessary data protection guarantees from the initial phase of planning for any technological development as for example, an application or program, a development of electronic commerce, the internet of the things, etc. provided that personal data will be processed in it.

This obligation is basically a precaution and it is also an advantage for the organisation. It will also lead to savings for the person in charge, since itis easier to plan and develop from the start based on an adequate legal framework, than not doing it without due precautions and having to redesign the product or service from scratch for not complying with the legal framework of data protection with the consequent extra cost.

 Data Protection by Design requires the organisation to identify – at the design stage of a project, service or product– the measures that will ensure the protection of personal data, such as:

• Providing for pseudonymisation and /or data encryption
• Limiting technically the default collection of data by mobile applications
• Facilitating the exercise of the user’s rights within the application by means of onlinefeatures
• Ensuring data security throughout their lifespan, and that of the organisation.

Tailor-made accompaniment

While “Data Protection by Default” requires that all settings should be configured, by default, in respect to data protection rules in particular in respect to personal data security and quality.

MGSI provides the ability to transform a legal constraint into a business advantage by accompanying you in the implementation of the principles of Data Protection by Design and by Default, whether for your whole organisation or for a specific project.

Our work can help organisations implement Privacy by Design from the earliest stages of projects, products, systems or software. This can happen by defining and implementing a Privacy by Design program.

We can help your organisation embed such program into your software development life cycle, as well as your project management approach and practices.

We can accompany project managers, DPOs, ISOs, Software developers, system architects as well as IT department to embed privacy into every phase of product development, including:

• Collection of requirements (business, data protection, information security, etc.)
• Design
• Coding
• Test
• Release
• Maintenance

MGSI can advise your organisations on the necessity of implementing anonymisation, pseudonymisation (de-identification techniques) during the phases of product development.