General Data Protection Regulation (GDPR) (EU)
From Diversity Workbench
see https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
Changes to be implemented in the databases
- Table UserProxy:
- New columns:
- ID: ID replacing the login name in datatables e.g. in columns LogUpdatedBy etc.
- PrivacyConsent: If the user constented to the storage and processing of his data in the database (set by user during login)
- PrivacyConsentDate: The time and date of the consent (set via trigger)
- New columns:
- Function UserID(): Providing the ID of the user in replacement of the SQL function User_Name() etc.
- All Datatables
- Insert missing content from columns LogUpdatedBy into UserProxy
- Changing the contstraints for the logging columns from suser_sname() to UserID()
- Changing content of logging columns from name to ID
- Special changes according to objects in the databases to remove reliance on functions like User_Name()
- As final result any login name should be removed from the data and log tables and the only place where this information is left is the table UserProxy
Client software
- Login: The user will be asked to consent to the storage and processing of his personal data. Otherwise the access will be denied
- Tools:
- Creation of a script for the generation of standard objects and handling of datatables
- The insert of a link to the website with detailed information about the handling of the user related data
- A default website will be provided, but should be replaced for databases with deviating treature or usage outside the SNSB servers
- The possibility to remove the personal data of the user (removal of the entries in table UserProxy)
Back to Software#Diversity_Workbench_software_implementations_in_compliance_with_regulations_and_directives
