This is excerpt from my talk on “GDPR and Software Quality”
I got a bit curious to learn about EU General Data Protection Regulation a.ka. GDPR and understand its possible impact on software quality from the Process and Test data perspectives. GPDR will be enforced by May 2018. I will write about it in my next upcoming post in detail.
If a company is using production data in Test activities to ensure software quality, then It is a Data Processor and hence required to safeguard Personal data.
Personal data is any information relating to an identified or identifiable natural person, that could be, name, address, location, online identified health information or even a location data (cont. Art 4).
I came across a very interesting mind map of Personal data ecosystem from Kaliya Hamin (Slide 25/46)
If Personal data is used, then It’s an opportunity to rethink the Test Process and handling Test Data with more love.
Pseudonymisation is a safeguard to process the data that it is no longer attributed to a specific person. Data masking, look-up tables or encryption could be among options to try.
Role or Task based access could be an approach to understand the test data source and its respective users in various environments, making the process more transparent with common understanding.
If you’re also wondering about these topics, what question do you’ve in mind and what do you already know?