GDPR, Database Backups, and the Right to be Forgotten

I've said it before, but it bears repeating, there is no cause for any kind of panic when it comes to the GDPR. None. There are however, a number of concerns. One of those concerns is, well, concerning. How does the right to be forgotten within the GDPR impact database backups? Let's discuss what we know. The Right To Erasure Each of the articles within the GDPR lays out a topic. Article 17 is pretty darned clear about the topic: Right to erasure ('right to be forgotten') Basically, the individuals, also known as the data subject, also known as natural persons, in short, people, can request that you remove their data from your system. The first sentence lays out the gist of the idea quite well: The data subject shall…
Read More

GDPR: Your Hair Is Not On Fire

DevOps, Professional Development
Along with a lot of other people, I've been attempting to call people's attentions to the new General Data Protection Regulation (GDPR) that was created two years ago and becomes effective in May of this year. The regulation defines processes and practices around the privacy and protection of personal data of any EU citizen. While the regulation is defined by the EU, since it's applicable to the data of EU citizens, the applicability is anywhere that data may exist, even in other countries. So, the GDPR applies to you and your data if you have EU citizens data in your databases. Different countries have trade treaties in effect with the EU which will allow the EU to enforce this, even though you and your data are located somewhere else. None…
Read More

The GDPR and You

Professional Development
Ever heard of the General Data Protection Regulation? If not, go and read the Wiki. I'll wait. I can already hear what you're thinking. "Grant, this doesn't apply to me because my company is in the <insert non-EU country here>." How do I know you're thinking that? Because every single person with whom I've brought this up has had the same response. You might want to go back and re-read it. Data Subject There are three terms from the GDPR that you need to know. The first is Data Controller. This is any organization or individual that collects data from the Data Subject. If the Data Controller is located in the EU, then you're subject to the new regulations. Yes, I know, this means you don't have to worry. Hang…
Read More