订阅我们的博客

Privacy by Design or Privacy by Default (PbD) is not a new concept. However PbD received renewed attention when the GDPR added PbD as a legal requirement. PbD refers to the process of building in technical, organizational and security measures at the beginning stage of product development and throughout the product lifecycle. 

A look inside PbD at Red Hat

Instead of developing a product and then asking: Is this product secure? Do we respect privacy rights? PbD requires developers to ask and answer these questions at the start and throughout the development process. PbD also requires developers to collaborate with colleagues from other areas of the business who have expertise in privacy and security compliance.

PbD fits in very well with Red Hat’s commitment to the open source way. Asking questions in a collaborative nature and on a continuous basis are key tenets of open innovation at Red Hat.  

Privacy Engineering by Design

One PbD tool we use to build in privacy to our development process is our Privacy Impact Assessment, also known as a PIA. The PIA is a process which assists developers at the early stages in identifying and mitigating privacy risks associated with the collection and use of personal data. 

The PIA tool begins with a self assessment that asks a lot of questions about the planned project or product. This initiates a process of review by individuals trained in privacy and security. The process is collaborative and creates an on-going dialogue about privacy with respect to the product, system or application at hand.

Collaboration Across Departments

New or updated privacy laws are being introduced and enacted in states, regions and countries across the world (see our March Blog on this topic).  The result is a rather complicated web of privacy laws which vary depending on geography, industry and the type of personal data at issue.  

As we hinted above, collaboration is a key part of PbD at Red Hat. At Red Hat, we have a team dedicated to monitoring and evaluating new privacy laws and assessing how such laws impact our our offerings and our PbD tools, such as the PIA process.  The team is made up of individuals who focus on privacy and data security from departments such as InfoSec, IT, Engineering, Customer Engagement and Legal.  

Understanding privacy issues within and across an organization helps build a foundation that keeps data security and privacy in the conversation throughout the development lifecycle. Raising and addressing privacy considerations in the design phase also helps Red Hat offer products and services that meet the needs of our customers.

Visit our Trust Red Hat page to stay connected on topics such as security, compliance and privacy.


关于作者

Jamie Parker is a compliance and privacy expert within Red Hat's products and technologies organization. She is passionate about data protection and privacy. Before joining Red Hat, Parker spent 12 years at Cisco Systems transforming business processes. Her focus was policy governance, regulatory compliance, internal audit, customer data protection, and privacy.

 
Read full bio

按频道浏览

automation icon

自动化

有关技术、团队和环境 IT 自动化的最新信息

AI icon

人工智能

平台更新使客户可以在任何地方运行人工智能工作负载

open hybrid cloud icon

开放混合云

了解我们如何利用混合云构建更灵活的未来

security icon

安全防护

有关我们如何跨环境和技术减少风险的最新信息

edge icon

边缘计算

简化边缘运维的平台更新

Infrastructure icon

基础架构

全球领先企业 Linux 平台的最新动态

application development icon

应用领域

我们针对最严峻的应用挑战的解决方案

Original series icon

原创节目

关于企业技术领域的创客和领导者们有趣的故事