General Data Protection Regulation (GDPR) (EU)

From Diversity Workbench
Revision as of 13:03, 9 April 2018 by MWeiss (Talk | contribs)

Jump to: navigation, search

see https://en.wikipedia.org/wiki/General_Data_Protection_Regulation

Changes to be implemented in the databases

  • Table UserProxy:
    • New columns:
      • ID: ID replacing the login name in datatables e.g. in columns LogUpdatedBy etc.
      • PrivacyConsent: If the user constented to the storage and processing of his data in the database (set by user during login)
      • PrivacyConsentDate: The time and date of the consent (set via trigger)
  • Function UserID(): Providing the ID of the user in replacement of the SQL function User_Name() etc.
  • All Datatables
    • Insert missing content from columns LogUpdatedBy into UserProxy
    • Changing the contstraints for the logging columns from suser_sname() to UserID()
    • Changing content of logging columns from name to ID
  • Special changes according to objects in the databases to remove reliance on functions like User_Name()
  • As final result any login name should be removed from the data and log tables and the only place where this information is left is the table UserProxy
  • Client software
    • Login: The user will be asked to consent to the storage and processing of his personal data. Otherwise the access will be denied
    • Tools:
      • Creation of a script for the generation of standard objects and handling of datatables
      • The insert of a link to the website with detailed information about the handling of the user related data
        • A default website will be provided, but should be replaced for databases with deviating treature or usage outside the SNSB servers
      • The possibility to remove the personal data of the user (removal of the entries in table UserProxy)



Back to Software#Diversity_Workbench_software_implementations_in_compliance_with_regulations_and_directives