microservices and gdpr at sundhed dk
play

Microservices and GDPR at Sundhed.dk Tobias Uldall-Espersen Thomas - PowerPoint PPT Presentation

Jan 27, 2024 •405 likes •1.04k views

Microservices and GDPR at Sundhed.dk Tobias Uldall-Espersen Thomas Holme Background information: Sundhed.dk and e-health in Denmark www.sundhed.dk Citizens, Healthcare professionals & Researchers CPR Numbers (Central Person

  1. Microservices and GDPR at Sundhed.dk Tobias Uldall-Espersen Thomas Holme

  2. Background information: Sundhed.dk and e-health in Denmark

  3. www.sundhed.dk ● Citizens, Healthcare professionals & Researchers ● CPR Numbers (Central Person Register) ● API’s & Gateways ● On-demand data access - vs data replication ● System centric vs Data Subject centric ● Microservices to scale software production and decouple products

  4. Introduction to ‘The Journey’

  9. The transition - the starting point

  10. The transition - pseudomizing user identity in products

  11. The transition - splitting the products from the monolith

  12. The transition - microservices

  13. The transition - decoupling across microservices

  14. Background information: GDPR (a short introduction)

  15. What is GDPR? The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). The General Data Protection Regulation consists of 99 articles and shall be applied from 25 May 2018

  16. GDPR - Chapter 3: Rights of the Data Subject ● Article 12 – Transparent information, communication and modalities for the exercise of the rights of the data subject ● Article 13 – Information to be provided where personal data are collected from the data subject ● Article 14 – Information to be provided where personal data have not been obtained from the data subject ● Article 15 – Right of access by the data subject ● Article 16 – Right to rectification ● Article 17 – Right to erasure (‘right to be forgotten’) ● Article 18 – Right to restriction of processing ● Article 19 – Notification obligation regarding rectification or erasure of personal data or restriction of processing ● Article 20 – Right to data portability ● Article 21 – Right to object ● Article 22 – Automated individual decision-making, including profiling ● Article 23 – Restrictions

  17. GDPR - Data protection by design and by default (Article 25) 1. Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for rights and freedoms of natural persons posed by the processing, the controller shall, both at the time of the determination of the means for processing and at the time of the processing itself, implement appropriate technical and organisational measures , such as pseudonymisation , which are designed to implement data-protection principles, such as data minimisation , in an effective manner and to integrate the necessary safeguards into the processing in order to meet the requirements of this Regulation and protect the rights of data subjects.

  18. GDPR - Privacy by design (Article 25) Privacy by Design: The 7 Foundational Principles 1. Proactive not Reactive; Preventative not Remedial: Privacy by Design anticipates and prevents privacy invasive events before they happen. 2. Privacy as the Default Setting: Privacy by Design deliver the maximum degree of privacy by ensuring that personal data are automatically protected in any given IT system or business practice 3. Privacy Embedded into Design: Privacy by Design is embedded into the design and architecture of IT systems and business practices. It is not bolted on as an add-on, after the fact. (Source: Ann Cavoukian, Privacy by Design: The 7 Foundational Principles)

  19. GDPR - Privacy by design (Article 25) Privacy by Design: The 7 Foundational Principles 4. Full Functionality – Positive-Sum, not Zero-Sum: Privacy by Design seeks to accommodate all legitimate interests and objectives in a positive-sum “winwin” manner, not through a dated, zero-sum approach, where unnecessary trade-offs are made. 5. End-to-End Security – Full Lifecycle Protection: Privacy by Design, having been embedded into the system prior to the first element of information being collected, extends securely throughout the entire lifecycle of the data involved (Source: Ann Cavoukian, Privacy by Design: The 7 Foundational Principles)

  20. GDPR - Privacy by design (Article 25) Privacy by Design: The 7 Foundational Principles 6. Visibility and Transparency – Keep it Open: Privacy by Design seeks to assure all stakeholders that whatever the business practice or technology involved, it is in fact, operating according to the stated promises and objectives, subject to independent verification. 7. Respect for User Privacy – Keep it User-Centric: Above all, Privacy by Design requires architects and operators to keep the interests of the individual uppermost by offering such measures as strong privacy defaults, appropriate notice, and empowering user-friendly options. (Source: Ann Cavoukian, Privacy by Design: The 7 Foundational Principles)

  21. GDPR - Privacy Design Strategies Data oriented strategies a. MINIMISE - The amount of personal data that is processed should be restricted to the minimal amount possible. b. HIDE - Any personal data, and their interrelationships, should be hidden from plain view. c. SEPARATE - Personal data should be processed in a distributed fashion, in separate compartments whenever possible. d. AGGREGATE - Personal data should be processed at the highest level of aggregation and with the least possible detail in which it is (still) useful. (Source: Jaap-Henk Hoepman)

  22. GDPR - Privacy Design Strategies Process oriented strategies a. INFORM - Data subjects should be adequately informed whenever personal data is processed. b. CONTROL - Data subjects should be provided agency over the processing of their personal data. c. ENFORCE - A privacy policy compatible with legal requirements should be in place and should be enforced. d. DEMONSTRATE - Be able to demonstrate compliance with the privacy policy and any applicable legal requirements (Source: Jaap-Henk Hoepman)

  23. GDPR and Microservices at Sundhed.dk 1. Pseudonymising data in the monolith 2. Separating data into data contexts with single ownership 3. Making it User-Centric

  24. First step: Pseudonymising data in the monolith

  26. First microservice 1:M relationship between product and user. First real microservice.

  27. Pseudonymizing data Pseudonymizing data by splitting data identifying the data subject from data about the data subject.

  28. Summing up: What we did ● Implemented initial microservice architecture ● Split data identifying the data subject from data about the data subject into two separate databases ● Generate an artificial (pseudonymization) key (UserGUID) binding the two set of data together ● Remove confidential data (CPR number) from products

  29. Summing up: What we gained ● Limiting processing of data identifying the data subject ● Portal global 'Right to be forgotten' ● Protection of confidential data (CPR)

  30. Summing up: Limits of current solution ● Possible to link product data and data subject data when having database access ● Possible to combine product data and create 'rich picture' of data subjects when having database access

  31. Step 2: Separating data First into product contexts then into data contexts

  32. Extract each product with its data from the monolith

  33. Each product is further divided: ● An API facade like service ● One or more underlying Gateway services.

  34. Ownership by convension Gateways could acces data from one another, but by convention we agree no to.

  35. GDPR endpoints ● Right to rectification ‘the right to get errors fixed’ (Article 16) ● Right to erasure 'the right to be forgotten' (Article 17) ● Right to data portability ‘the right to get a copy’’ (Article 20)

  36. Ownership by encryption Data context is enforced by encryption rather than by convention. The database content becomes nonsense to all but the owner.

  37. Summing up: What we did ● Separated products from each other ● Separated contexts in each product from each other ● Added ownership of data to each context ● Added context specific encryption key to each context ● Encrypted pseudomization key (UseGUID) with context specific encryption key when used as foreign key ● Encrypted foreign keys and sensitive/confidential data with context specific encryption key

  38. Summing up: What we gained ● Formalized data context with forced owner ● Simple contexts increases transparency and makes compliance control easier ● Avoid direct linking of data in the database ● Better support for logging ● Export of data build into context ● Better protection of data in entire data lifecycle

  39. Summing up: Limits of current solution ● Not user centric solution ● Not possible to control individual products, e.g.in regards to: ○ Consent ○ Right to be forgotten ○ Limiting processing ○ Efficient access control supported by architecture

  40. Step 3: Making it User-Centric

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data Protection Regulation Came into force on May 25 th Replaces the current 1995 Data Protection Directive and Data Protection Act (1998). What is GDPR?

570 views • 18 slides
WHAT COMES AFTER MICROSERVICES? MATT RANNEY WHAT COMES AFTER MICROSERVICES? MATT RANNEY We

WHAT COMES AFTER MICROSERVICES? MATT RANNEY WHAT COMES AFTER MICROSERVICES? MATT RANNEY We

WHAT COMES AFTER MICROSERVICES? MATT RANNEY WHAT COMES AFTER MICROSERVICES? MATT RANNEY We hired lots of engineers. They wrote lots of software. This causes lots of problems. Why use microservices at all? Easier releases? Ef fj ciency

709 views • 55 slides
Microservices Security Fundamentals MICROSERVICES SECURITY CHALLENGES Wojciech Lesniak PRINCIPAL

Microservices Security Fundamentals MICROSERVICES SECURITY CHALLENGES Wojciech Lesniak PRINCIPAL

Microservices Security Fundamentals MICROSERVICES SECURITY CHALLENGES Wojciech Lesniak PRINCIPAL DEVELOPER / TECH LEAD @voit3k Microservices International Data Corporation (IDC) predicts that by: 2019 Q1 Microservices International Data

641 views • 39 slides
Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

garjoh_canuck Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett Johnson (Boston U) Scott Shriver (U Colorado Boulder) GDPR Impact GDPR General Data Protection Regulation EU EEA Brexit GDPR

833 views • 27 slides
Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does

Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does

Presentation by Michalis Mantzaris, PhD Introduction to General Data Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does it apply? Consisting elements and Guideline provision Key changes and

605 views • 23 slides
Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do to be compliant? Data Breaches How does the GDPR affect you? Steps to Compliance Summary What is the GDPR? q The EU's General Data

355 views • 17 slides
PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

GENERAL DATA PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles of of GDPR How does it effect school How are school preparing How does it effect individual staff How can

475 views • 12 slides
Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require? How does an Australian business comply? Action Plan Section 1: GDPR is here Privacy in the digital age Historically, privacy was almost

513 views • 40 slides
Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Almost one year after the GDPR, where are we now? Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The first year of the GDPR can best be described as "quiet test run. What are the most striking

405 views • 8 slides
GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU General Data Protection 1995 Regulation 2016 Data Protection Act 1998 Data Protection Bill 2017-19 Fines DPA GDPR Maximum Fine 500k Two

622 views • 17 slides
KrakenD API Gateway Product overview @devopsfaith Microservices are challenging The need for

KrakenD API Gateway Product overview @devopsfaith Microservices are challenging The need for

KrakenD API Gateway Product overview @devopsfaith Microservices are challenging The need for agility and scalability has driven Microservices adoption, but: 91% of Internet businesses are using or have plans to use microservices 86% expect

696 views • 53 slides
GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont be scared 60% of people welcome the rights under GDPR 48% of UK adults plan to activate their rights 56% welcome the right to object to marketing

1.32k views • 37 slides
GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the

GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the

GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the recruitment industry This webinar is provided for information purposes and is NOT intended to be legal advice pertaining to the subject matter. If you

617 views • 38 slides
GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the

GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the

1 GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the recruitment industry 2 Introduction The rules which underpin the storage of personal data have changed dramatically. The new EU-US Privacy Shield

998 views • 35 slides
GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner

GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner

GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner CC-BY-4.0 Advising, Monitoring, Enforcing European Data Protection Board Art. 68 - 73 (replacing the Art. 29 Working Party) advise Supervisory

626 views • 8 slides
GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry

GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry

GDPR Rights and Consent Part 2 of our series on GDPR and its impact on the recruitment industry This webinar is provided for information purposes and is NOT intended to be legal advice pertaining to the subject matter. If you have specific

495 views • 35 slides
Low-fi Prototype Tatiana Grossman, Anna Wang, Kerry Wang Overview Mission Statement Selected

Low-fi Prototype Tatiana Grossman, Anna Wang, Kerry Wang Overview Mission Statement Selected

Low-fi Prototype Tatiana Grossman, Anna Wang, Kerry Wang Overview Mission Statement Selected interface Low-fi prototype Task Flows Method Results UI Changes Knock Find Friends Everywhere Most visually oriented leverages

524 views • 41 slides
Brief Explanation of FY2010 1Q Financial Results 1. Highlights of Consolidated Results of Tokio

Brief Explanation of FY2010 1Q Financial Results 1. Highlights of Consolidated Results of Tokio

Brief Explanation of FY2010 1Q Financial Results 1. Highlights of Consolidated Results of Tokio Marine Holdings (References: "Supplemental material for FY2010 1Q conference call") Ordinary Income - Net premiums written: 596.1

91 views • 6 slides
Market Simulation Winter 2017 Release Christopher McIntosh Lead Market Simulation Coordinator

Market Simulation Winter 2017 Release Christopher McIntosh Lead Market Simulation Coordinator

Market Simulation Winter 2017 Release Christopher McIntosh Lead Market Simulation Coordinator Winter 2017 Release Market Simulation January 22, 2018 Agenda Winter 2017 MAP Stage Availability Winter 2017 Market Simulation

429 views • 21 slides
International Presentations Seminar Design Patrick Schmidt Cross-Cultural Trainer Geibelstr.

International Presentations Seminar Design Patrick Schmidt Cross-Cultural Trainer Geibelstr.

International Presentations Seminar Design Patrick Schmidt Cross-Cultural Trainer Geibelstr. 23 - 40235 Duesseldorf Tel: +49 (0) 211 1709 250 Fax: +49 (0) 211 1709 251 E-Mail pschmidt.de@t-online.de Internet www.agcc.de

62 views • 3 slides
Telenor Group Richard Aa, Group CFO BAML TMT Conference 4 June 2014 Disclaimer The following

Telenor Group Richard Aa, Group CFO BAML TMT Conference 4 June 2014 Disclaimer The following

Telenor Group Richard Aa, Group CFO BAML TMT Conference 4 June 2014 Disclaimer The following presentation is being made only to, and is only directed at, persons to whom such presentation may lawfully be communicated (relevant persons).

543 views • 13 slides
Information Exchange: & Bar U.S. and Foreign Government Tactics and Tools for Audits, , d

Information Exchange: & Bar U.S. and Foreign Government Tactics and Tools for Audits, , d

TEI Annual Conference October 30, 2013 IRS Ad IRS Administrative Affairs i i t ti Aff i rker Information Exchange: & Bar U.S. and Foreign Government Tactics and Tools for Audits, , d llips Chartere Document Production and

619 views • 31 slides
Introduction The Enforcement and Prosecution Branch, amongst other tasks, focuses its efforts

Introduction The Enforcement and Prosecution Branch, amongst other tasks, focuses its efforts

Introduction The Enforcement and Prosecution Branch, amongst other tasks, focuses its efforts in the following areas: Enforcement of the National Building Regulations and Standards Act; Enforcement of the Planning and Development Act;

407 views • 11 slides
Overview of the Arizona General Stream Adjudica8on *This

Overview of the Arizona General Stream Adjudica8on *This

Overview of the Arizona General Stream Adjudica8on *This presenta-on is intended only to provide general informa-on on the stream adjudica-on. The NRUM

365 views • 9 slides

More recommend