Difference between revisions of "General Data Protection Regulation (GDPR) (EU)"
From Diversity Workbench
(→For Discussion) |
(→Client software) |
||
| Line 16: | Line 16: | ||
=== Client software === | === Client software === | ||
| − | * Login: The user will be asked to consent to the storage and processing of his personal data. Otherwise the access will be denied | + | * Login: The user will be asked to consent to the storage and processing of his/ her personal data. Otherwise the access will be denied |
* Tools: | * Tools: | ||
** Creation of a script for the generation of standard objects and handling of datatables | ** Creation of a script for the generation of standard objects and handling of datatables | ||
| − | ** The insert of a link to the website with detailed information about the handling of | + | ** The insert of a link to the website *** or other internal resources **** with detailed information about the handling of user-related data |
| − | *** A default website | + | *** A default website is provided: [[Default Agreement on Processing of Personal Data in DWB Software]]. It has to be replaced for operational databases |
** The possibility to remove the personal data of the user (removal of the entries in table UserProxy) | ** The possibility to remove the personal data of the user (removal of the entries in table UserProxy) | ||
Revision as of 13:29, 16 April 2018
see https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
Changes to be implemented in the databases
- Table UserProxy:
- New columns:
- ID: ID replacing the login name in datatables e.g. in columns LogUpdatedBy etc.
- PrivacyConsent: If the user constented to the storage and processing of his data in the database (set by user during login)
- PrivacyConsentDate: The time and date of the consent (set via trigger)
- New columns:
- Function UserID(): Providing the ID of the user in replacement of the SQL function User_Name() etc.
- All Datatables
- Insert missing content from columns LogUpdatedBy into UserProxy
- Changing the contstraints for the logging columns from suser_sname() to UserID()
- Changing content of logging columns from name to ID
- Special changes according to objects in the databases to remove reliance on functions like User_Name()
- As final result any login name should be removed from the data and log tables and the only place where this information is left is the table UserProxy
Client software
- Login: The user will be asked to consent to the storage and processing of his/ her personal data. Otherwise the access will be denied
- Tools:
- Creation of a script for the generation of standard objects and handling of datatables
- The insert of a link to the website *** or other internal resources **** with detailed information about the handling of user-related data
- A default website is provided: Default Agreement on Processing of Personal Data in DWB Software. It has to be replaced for operational databases
- The possibility to remove the personal data of the user (removal of the entries in table UserProxy)
For Discussion
- Several interfaces in the database allow the export of the data including personal data. Should these possiblities be removed (e.g. ExportWizard, TableEditor, ...)
- Personal data (address etc.) are stored in the module DiversityAgents. Is a process for a removal for complete datasets needed
- Personal data are stored in other places, e.g. Collector, Identifier, ResponsibleAgents for e.g. Analysis. These are not linked to the table UserProxy and are not removed by the standard removal from this table
Back to Software#Diversity_Workbench_software_implementations_in_compliance_with_regulations_and_directives
