Seven steps to meet the EU demand for data protection ‘by design and default’
The new data privacy rules, GDPR, include a very clever article to ensure privacy is built into business systems at the outset, and that it is a default setting, writes Sasha Beharilal
The GDPR loves placing obligations on us but there is one obligation in particular that is quite clever. Article 25 of the GDPR expands on the concepts of data protection by design (commonly known as privacy by design) and data protection by default. The implementation of these obligations is likely to result in fully GDPR compliant processes. What does it mean? Data protection by design is the proactive approach that ensures that you consider privacy and data protection obligations, and anticipate potential risks at the beginning of any activity. It embeds the privacy principles into the design and operation of your IT systems, networked infrastructure and business practices. The benefit of data protection by design is that you do not have to undertake a compliance exercise that is costly and time consuming if you are compliant from the start. In addition, implementation does not mean that you are required to spend a large percentage of your budget on one aspect of design, but to r...
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.
Subscribe now to unlock this article.
Support BusinessLIVE’s award-winning journalism for R129 per month (digital access only).
There’s never been a more important time to support independent journalism in SA. Our subscription packages now offer an ad-free experience for readers.
Cancel anytime.
Questions? Email helpdesk@businesslive.co.za or call 0860 52 52 00. Got a subscription voucher? Redeem it now.