FORUMS PROFESSIONNELS
WINDEV
,
WEBDEV
et
WINDEV Mobile
Accueil
|
Messages récents
|
Connexion
|
Déconnexion
|
Français
Accueil
→
WINDEV 2024
→
GDPR compliance and requirements
GDPR compliance and requirements
Débuté par Steven Sitas, 18 avr. 2018 17:04 - 7 réponses
Connectez-vous…
Steven Sitas
#1
Posté le 18 avril 2018 - 17:04
Hi,
what is everybody doing about GDPR compliance ?
Any ideas, tips etc would be appreciated
Regards
Steven Sitas
www.alpha360.biz
Signaler
0
0
GuenterP
#2
Posté le 18 avril 2018 - 17:16
Hi, the GDPR refers to physical persons only. All of our customers are companies ... therefore we do nothing.
Signaler
0
0
Steven Sitas
#3
Posté le 18 avril 2018 - 17:21
Hi Guenter,
Yes, but your customers have customers (that may be physical persons).
So it probably has a "side effect" for us and our software also ...
Regards
Steven Sitas
Signaler
0
0
Paulo Oliveira
#4
Posté le 18 avril 2018 - 18:01
We have changed our software in several points (just by memory). I need to check the GDPR compliance document to see all the things we have planned :
Work with encrypted databases and encrypted database connections (HF, MSSQL, ORACLE) only.
Possibility to delete all information about a person (right to forget)
Possibility to delete all the data older than x years
Possibility to export all information about a person in XML, CSV, etc. (Portability)
Possibility to change all the personal data of one person to default values (Anonymization)
Generate CRUD logs, we already have CUD logs but we are in the process of creating the READ ones as well.
Make all the LOGS unchangable (one of the new fetures of V23 that we need) or at this momment create one HASH in every log record wtih is data and the value of the HASH of the previous record to make the validation of consistency possible and use triggers to prevent update/delete to the logs.
In Portugal we have one more law to comply if we sell software to the government, i don't know if it's the same in every country, and in this case we are developing several triggers with alarms for things like too many attenpts to login with wrog credentials, atempt to access data outside the user privileges,........
Signaler
0
0
Steven Sitas
#5
Posté le 18 avril 2018 - 18:23
Hi Paulo,
thanks for your detailed post.
What bothers me most is if the LOGs (specially Read logs) should be done by the RDBMs (database) or by the applications.
Looks like if you allow any external reporting (like Report writers and ODBC or API access) this must be done at the database level AND then ofcourse,
every application user MUST be mapped to a unique Database user.
Database users cannot be shared between application users in this scenario ...
Not very difficult with HFSQL C/S but impossible with HFSQL Classic and difficult to setup with MS SQL Server etc ...
Regards
Steven Sitas
Signaler
0
0
Paulo Oliveira
#6
Posté le 18 avril 2018 - 18:32
All our existing logs are made by database triggers. We didn't change anything at this level for the CUD.
For the read logs we are still testing to see how can we achieve a usable solution.
Our main concerns at this momment are performance, the size of the logs and the logic of each app. When we have selections in the code after the access to the DB the triggers are a mess.
If someone has sugestions for the read logs problems they are welcome.:confused:
Signaler
0
0
Markus K.
#7
Posté le 18 avril 2018 - 23:28
We released a software 2 weeks ago to fulfil the requirements of the GDPR but its only avaiable in german at this time:
www.datenschutzverwaltung.de
@Guenther: If you have employees then you are affected by the GDPR. If your customers are companies then you are affected too. You dont speak to the company, you speak whith their employees and you will probably have their contact information. Most people don't know they are affected
Signaler
0
0
Steven Sitas
#8
Posté le 19 avril 2018 - 10:20
Hi Markus,
I really like your web site and the way you present the GDPR issues.
We started a similar WEB based product a couple of months ago - targeted at small entities and non-profit organizations located in Greece - but not at this price level !!!
The market for this kind of software could be HUGE ...
Good luck with your product
Regards
Steven Sitas
www.alpha360.biz
Signaler
0
0
→ Revenir à WINDEV 2024
WINDEV 2024
WEBDEV 2024
WINDEV Mobile 2024
WINDEV (précédentes versions)
Français
English
Español
Portuguesa
Fermer cette fenêtre
Type de recherche
Uniquement les sujets
Tous les messages
Période de recherche
Date indifférente
Moins d'une heure
Moins de 24 heures
Moins d'une semaine
Moins d'un mois
Moins d'un an
Annuler
Aperçu de votre message
Ajouter une image
Importer une image depuis une URL
Envoyer une image depuis un fichier de votre disque
Déposez ici un fichier ou cliquez sur "Parcourir..."
ou
Annuler
0%
WLangage
SQL
XML, HTML
JAVA, Javascript
Texte