This conversation is an in-depth dive into the important parts of GDPR for software developers. Even though GDPR is a European standard, there's no denying that this is the direction the software industry is going: more emphasis will be placed on protecting the data that customers and businesses rely on. In this conversation we will discuss the GDPR, the impacts of this law, and what can be done from the software development side to make sure we develop software that follows defense-in-depth practices.
James is a developer and security advocate whose biggest responsibility is leading developer security practices. He sets the standards and procedures for how the practice operates, and leads all client engagement efforts with regard to security. He also takes the lead in making sure that company staff are properly trained and following best practices with regard to security.
James also acts as a system and application architect, and he often evaluates application design as part of the security audits he performs. In a past life James was responsible for architecting and developing solutions on multimillion implementation efforts. Key clients included eight Fortune 500 companies (seven in the Fortune 100), as well as several well-known non-profits and leaders in their industries. Verticals served included healthcare, transportation, financial services, retail, insurance, and energy.
- @punkcoder (twitter)
- https://www.punkcoder.com (website)
"Google and Facebook accused of breaking GDPR laws"
"Facebook and Google hit with $8.8 billion in lawsuits on day one of GDPR"
http://www.bbc.com/news/technology-44252327
https://www.theverge.com/2018/5/25/17393766/facebook-google-gdpr-lawsuit-max-schrems-europe
The following sanctions can be imposed:
‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed;
The Microsoft SDL includes some good guidance on phases that can be added to the development process to help:
Lifted from Microsoft SDL