Privacy by Design or Privacy by Default (PbD) is not a new concept. However PbD received renewed attention when the GDPR added PbD as a legal requirement. PbD refers to the process of building in technical, organizational and security measures at the beginning stage of product development and throughout the product lifecycle.
A look inside PbD at Red Hat
Instead of developing a product and then asking: Is this product secure? Do we respect privacy rights? PbD requires developers to ask and answer these questions at the start and throughout the development process. PbD also requires developers to collaborate with colleagues from other areas of the business who have expertise in privacy and security compliance.
PbD fits in very well with Red Hat’s commitment to the open source way. Asking questions in a collaborative nature and on a continuous basis are key tenets of open innovation at Red Hat.
Privacy Engineering by Design
One PbD tool we use to build in privacy to our development process is our Privacy Impact Assessment, also known as a PIA. The PIA is a process which assists developers at the early stages in identifying and mitigating privacy risks associated with the collection and use of personal data.
The PIA tool begins with a self assessment that asks a lot of questions about the planned project or product. This initiates a process of review by individuals trained in privacy and security. The process is collaborative and creates an on-going dialogue about privacy with respect to the product, system or application at hand.
Collaboration Across Departments
New or updated privacy laws are being introduced and enacted in states, regions and countries across the world (see our March Blog on this topic). The result is a rather complicated web of privacy laws which vary depending on geography, industry and the type of personal data at issue.
As we hinted above, collaboration is a key part of PbD at Red Hat. At Red Hat, we have a team dedicated to monitoring and evaluating new privacy laws and assessing how such laws impact our our offerings and our PbD tools, such as the PIA process. The team is made up of individuals who focus on privacy and data security from departments such as InfoSec, IT, Engineering, Customer Engagement and Legal.
Understanding privacy issues within and across an organization helps build a foundation that keeps data security and privacy in the conversation throughout the development lifecycle. Raising and addressing privacy considerations in the design phase also helps Red Hat offer products and services that meet the needs of our customers.
Visit our Trust Red Hat page to stay connected on topics such as security, compliance and privacy.
Sugli autori
Jamie Parker is a Product Manager at Red Hat who specializes in Observability, particularly in the Logging and OpenStack areas. At Red Hat, Jamie works with organizations and customers to learn about their needs within the ever changing Observability landscape, and based on their feedback, helps to guide upcoming products within the Red Hat Observability Platform. Jamie enjoys sharing lessons learned to the community by frequently speaking at meetups and conferences, and by blogging.
Ricerca per canale
Automazione
Novità sull'automazione IT di tecnologie, team e ambienti
Intelligenza artificiale
Aggiornamenti sulle piattaforme che consentono alle aziende di eseguire carichi di lavoro IA ovunque
Hybrid cloud open source
Scopri come affrontare il futuro in modo più agile grazie al cloud ibrido
Sicurezza
Le ultime novità sulle nostre soluzioni per ridurre i rischi nelle tecnologie e negli ambienti
Edge computing
Aggiornamenti sulle piattaforme che semplificano l'operatività edge
Infrastruttura
Le ultime novità sulla piattaforma Linux aziendale leader a livello mondiale
Applicazioni
Approfondimenti sulle nostre soluzioni alle sfide applicative più difficili
Virtualizzazione
Il futuro della virtualizzazione negli ambienti aziendali per i carichi di lavoro on premise o nel cloud