Data protection legislation exists across europe, and in most countries around the world.
I’m very interested to find out how you deal with this issue in your projects.
I received an email from a friend in consulting the other day, where the customer had just told him that “ESS is illegal in Austria because of privacy law” This is not true, but the system does need to take account of the legal rights of the data subject.
The law is confusing, but one piece of advice that I’d give you here is don’t use live data for testing or training, you will be breaking the law in most european countries if you do. http://www.out-law.com/page-3957
The Data Protection Act covers all data held by companies by which individuals may be identified. This includes simple data types such as names, addresses, telephone numbers – as well as more sensitive types such as personal, health or financial information.
A recent report indicated that over 40% of IT departments in UK companies are using live customer data as their test data. Under the Data Protection Act, a company can only use data for the purpose for which it was collected. This does not include testing.
Have you had a project delayed or impacted because of privacy issues? If so I would love to hear more about it.