Casewhere supports security and GDPR by default

Casewhere supports security and GDPR

The General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world. Applied by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. The GDPR will levy harsh fines against those who violate its privacy and security standards, Therefore, it is extremely important that government systems adhere to GDPR best practices.

Casewhere supports GDPR (General Data Protection Regulation) via various features to anonymize data. Anonymization is a type of data processing that eliminates or alters personally identifying information (PII). It yields anonymized data that cannot be linked to any specific individual.

Most systems are in reality not ready for GDPR as data anonymization in many ways opposes secure and reliable system architecture. When systems enable you to erase sensitive data it may also erase the audit trail and thus leave you with security issues.

From its very start, Casewhere developers have understood the importance of GDPR, and have therefore built into its very core the ability to obfuscate data without losing the datas audit trail. Such obfuscation features come “out-of-the-box” and are therefore much cheaper and quicker to implement that with most other systems.

Many systems forget the extent to which tracability of personal data is necessary. Often systems will forget that they are storing emails, logs, and documents that contain the same data as found in their database. Casewhere makes it possible to keep track of the way that personal data is used and stored across communication channels and make sure that data protection and security is applied throughout.

As important as the ability to clear personal data and keep it safe at the data level, is the ensuring control over who can access personal data. When setting up Casewhere, you will have to consider access right rules at 4 system levels.; database, data class, business level (functions) and user interface. With so many layers of security, issues within one layer alone will not leave you open to loss of data. Many standard platforms only offer you the ability to configure security at one of these levels, which increases the risk of data breach markedly.