GDPR Data Minimisation AKA You cannot lose what you do not have.
The upcoming General Data Protection Regulation promotes the notion of data minimisation: that organisations should gather and use only the minimal amount of data they require to achieve the stated purpose.
However, data minimisation encompasses far more than just collection. Outlined below are six aspects of minimisation to assist with your GDPR thinking.
Minimise collection – Don't collect what you don't need.
In the past, when we built systems and applications we tended to gather as much information as possible about our clients/users. Having done so, we would then think about the information we actually needed to provide the service. This mentality was often driven by other departments (marketing) who desired to know the customer/user in fine detail. To minimise collection we should shift our mentality towards: what do I need for the service to function effectively?
Minimise disclosure – Don't tell people who don't need to know.
Ensure that the policies, roles and access permissions you attach to information reflect who needs, and who does not need, access to it. A manager will need an aggregation of attendance records, but does not need to see the specific reasons for absence.
Minimise centralisation – Don't keep all your eggs in one basket.
Whilst it might seem attractive to store all of your customers' data within the confines of your organisation, ask yourself if there is data that can reside with the user. Can you collect data at the local level, aggregate it, and only then upload it to the company? A good example of minimised centralisation is the fingerprint data of an iPhone user. Apple ensure that the fingerprint data is stored on the user's phone and never leaves the user's phone.
Minimise replication – Don't throw your seed into the wind.
There is a principle in database and enterprise system design called the single source of truth. It is far easier to manage citizen data if it is stored in one place rather than spread across the company. Think about the process of applying for a job. An applicant sends in their CV, which is then emailed to countless people across the company who are involved in the recruitment process. Compare that with a CV that the applicant uploads to a central location, with auditable access to that location granted only to the staff who need it.
Minimise linkability – I don't want to play nice with the other children.
By minimising the quantity of personal information held, we minimise the ability to link that data with data from other sources, and so reduce the amount of intrusive insight that can be garnered.
Minimise retention – When you pull the pin, don't keep hold of the grenade.
Data has a life span. For example, sales receipts used to claim expenses should be kept for six + one years according to the UK HMRC. There are numerous business reasons for implementing a data management strategy, from effective management of information, to effective use of servers and storage, to building a trust-based relationship with customers. Remember, there is a difference between Big Data and Big Personal Data.
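As an added illustration (not part of the original post), the collection, disclosure and retention principles above expressed as a small Python script over constructed absence records: a field whitelist at collection, a manager view that aggregates days absent without the reason, and a purge routine. The "six + one" rule is modelled, as an assumption for this example, as keeping a record until the end of its own year plus six further years.

```python
from dataclasses import dataclass
from datetime import date

# Constructed sample data for illustration; not real employee records.
@dataclass(frozen=True)
class Absence:
    employee: str
    start: date
    days: int
    reason: str  # sensitive detail that only HR needs to see

RECORDS = [
    Absence("alice", date(2015, 3, 2), 2, "flu"),
    Absence("alice", date(2017, 9, 11), 1, "hospital appointment"),
    Absence("bob", date(2017, 1, 20), 3, "bereavement"),
]

def minimise_collection(submitted, needed):
    """Minimise collection: keep only the fields the service needs, drop the rest."""
    return {k: v for k, v in submitted.items() if k in needed}

def manager_view(records):
    """Minimise disclosure: a manager gets days absent per employee, never the reason."""
    totals = {}
    for r in records:
        totals[r.employee] = totals.get(r.employee, 0) + r.days
    return totals

def hr_view(records):
    """HR needs the reason, so the full record is released to that role only."""
    return [(r.employee, r.start.isoformat(), r.days, r.reason) for r in records]

# Minimise retention: the 'six + one' rule modelled (an assumption for this example)
# as keeping a record until the end of its own year plus six further years.
EXTRA_YEARS = 6

def expiry_date(record):
    return date(record.start.year + EXTRA_YEARS, 12, 31)

def purge_expired(records, today):
    """Split records into those still within retention and those due for deletion."""
    kept = [r for r in records if expiry_date(r) >= today]
    purged = [r for r in records if expiry_date(r) < today]
    return kept, purged

if __name__ == "__main__":
    print(manager_view(RECORDS))  # {'alice': 3, 'bob': 3}
    kept, purged = purge_expired(RECORDS, date(2023, 6, 1))
    print(len(kept), "kept,", len(purged), "purged")
```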
The General Data Protection Regulation offers an opportunity, albeit an enforced one, for companies to get their data house in order. It may not be simple, but it is straightforward.
Inspired by "Engineering Privacy by Design Reloaded" – Gürses, Troncoso & Diaz: https://www.esat.kuleuven.be/cosic/publications/article-2589.pdf