Privacy by design

What is privacy by design?

Privacy by design is a design principle where you fully consider privacy aspects during the development phase of information systems and processes. From the outset, you think about possible privacy risks and then translate these into the necessary (technical) measures to prevent misuse of personal data.

Why is privacy by design important?

Privacy is now a crucial requirement in the development of digital systems. We are collecting and processing more personal data, which has led to a regulation at the European level on how to handle such data. The General Data Protection Regulation (GDPR) includes requirements for IT systems and the processes around them. For example, we must ensure that access to systems is managed per individual employee; group accounts are no longer allowed. Employees should only have access to the personal data necessary for their role. This latter requirement, the ‘principle of least privilege’, means that, in a healthcare setting, only medical staff should be able to access medical records, not the rest of the personnel.

Such requirements must already be considered when designing your IT systems – this is privacy by design. In practice, seven privacy design principles have been defined, which we briefly explain below.

Privacy by design principles

Privacy by design involves considering seven principles:

  • Proactive, not reactive: You should think about privacy risks and associated measures in advance, not add them as an afterthought based on trial and error.
  • Default settings: The system should be configured to be privacy-friendly by default. Users should not need to change settings to protect their privacy.
  • Privacy is built-in: Privacy measures should be an integral part of your design, not added as ‘privacy add-ons’ after developing the core functionality.
  • Full functionality: Privacy measures should be implemented so that both functionality and privacy are sufficiently supported without hindering each other. Aim for a win-win situation in your design.
  • End-to-end security: Privacy protection should be set up to ensure data is protected from start to finish, covering the entire data lifecycle from collection to deletion.
  • Visibility and transparency: Ensure it is clear to users what data is being collected, how it is processed, and for what purpose.
  • Respect for privacy: The entire design should respect the individuals concerned, ensuring their privacy is guaranteed.

How does HelloID comply with the privacy by design principles?

Information security and privacy protection are central requirements in the design of the HelloID platform. Tools4ever, as an organisation, is also ISO-27001 certified, and a SOC 2 Type II audit report has been prepared by a certified auditor. This demonstrates that both the platform and our development and management processes fully comply with all security and privacy standards.

However, the platform must not only be ‘privacy-safe’ itself. The IAM platform is an integral part of an organisation’s end-to-end information security chain, and its functionality must directly contribute to ensuring that this chain as a whole complies with the privacy by design principles. This is evident in HelloID’s built-in provisioning functionality, service automation capabilities, and logging and reporting facilities.

For example, HelloID fully automates the provisioning chain for user accounts and access rights. HelloID supports a direct connection with the HR system or other source systems, so the platform always has up-to-date information about a person’s role in the organisation, their authorisations and competencies. Based on this information, HelloID, using configurable business rules, ensures that each connected target system always has the correct accounts and access rights. Accounts and rights that are no longer needed are immediately removed.

When importing HR data into HelloID, we always ensure compliance with GDPR/AVG guidelines. Of course, no citizen service numbers or salary data are imported. In consultation with both the client and HR provider, we determine which data is imported, and this data is visible in the raw data view for compliance purposes.

Additionally, HelloID streamlines and secures the issuance of extra required access rights. The request and issuance process can be automated, with relevant managers giving online approval. This ensures proper role separation, and rights can be granted for a limited time only in order to prevent unintended accumulation of access rights.

Finally, HelloID ensures that all requests and changes are logged. This allows you to generate usage reports and view audit trails in case of a data breach or other issues. HelloID provides all the input needed for internal security evaluations, external audits and certification processes. Integrations with the client organisation’s SIEM system are also possible.
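The provisioning chain described above (business rules deriving rights from the HR role, immediate removal of rights that are no longer justified, time-limited rights from approved requests, and an audit trail of every change) as an added illustration; this is not HelloID code, and the HR records, business rules and target-system state are constructed sample data:

```python
from datetime import datetime, timezone

# Constructed sample data (not HelloID's): HR source records, business rules
# that map a role to the entitlements it justifies, and the current state of
# the target systems. An expiry of None marks a standing, rule-based right;
# a datetime marks a time-limited right granted through an approved request.
HR_RECORDS = [
    {"id": "e1001", "role": "nurse", "active": True},
    {"id": "e1002", "role": "receptionist", "active": True},
    {"id": "e1003", "role": "nurse", "active": False},  # left the organisation
]
BUSINESS_RULES = {
    "nurse": {"ehr:medical_records", "mail:mailbox"},
    "receptionist": {"ehr:appointments", "mail:mailbox"},
}
CURRENT_STATE = {
    ("e1001", "mail:mailbox"): None,
    ("e1001", "ehr:research_export"): datetime(2024, 1, 1, tzinfo=timezone.utc),  # expired
    ("e1002", "ehr:medical_records"): None,  # a receptionist should not hold this
    ("e1002", "ehr:research_export"): datetime(2030, 1, 1, tzinfo=timezone.utc),  # still valid
    ("e1003", "ehr:medical_records"): None,  # leaver still has access
}
NOW = datetime(2025, 6, 1, tzinfo=timezone.utc)  # constructed evaluation time

def desired_state(hr_records, rules):
    """Entitlements each active person should hold according to the business rules."""
    return {(rec["id"], ent) for rec in hr_records if rec["active"]
            for ent in rules.get(rec["role"], ())}

def reconcile(hr_records, rules, current, now):
    """Return (grants, revokes) that bring the target systems in line with HR.
    Standing rights no longer justified by a rule and time-limited rights that
    have expired are revoked; rule-based rights that are missing are granted."""
    wanted = desired_state(hr_records, rules)
    held = {k for k, exp in current.items() if exp is None or exp > now}
    grants = sorted(wanted - held)
    revokes = sorted(k for k, exp in current.items()
                     if (exp is None and k not in wanted) or (exp is not None and exp <= now))
    return grants, revokes

def audit_entries(grants, revokes, now):
    """One audit-trail record per change, so every grant and revoke is traceable."""
    stamp = now.isoformat()
    return ([{"at": stamp, "action": "grant", "person": p, "right": r} for p, r in grants] +
            [{"at": stamp, "action": "revoke", "person": p, "right": r} for p, r in revokes])

if __name__ == "__main__":
    g, r = reconcile(HR_RECORDS, BUSINESS_RULES, CURRENT_STATE, NOW)
    for entry in audit_entries(g, r, NOW):
        print(entry)
```

Running it shows the leaver's and the receptionist's unjustified medical-records access and the expired temporary right being revoked, while the still-valid approved right is left in place.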