GDPR and Software Quality

This is excerpt from my talk on “GDPR and Software Quality

I got a bit curious to learn about EU General Data Protection Regulation a.ka. GDPR and understand its possible impact on software quality from the Process and Test data perspectives. GPDR will be enforced by May 2018. I will write about it in my next upcoming post in detail. GDPR-Software Quality - Khurram Bhatti

If a company is using production data in Test activities to ensure software quality, then It is a Data Processor and hence required to safeguard Personal data.

Personal data is any information relating to an identified or identifiable natural person, that could be, name, address, location, online identified health information or even a location data (cont. Art 4).

I came across a very interesting mind map of Personal data ecosystem from Kaliya Hamin (Slide 25/46)

Personal Data ecosystem
Types of Personal Data (click to enlarge)

If Personal data is used, then It’s an opportunity to rethink the Test Process and handling Test Data with more love.

Pseudonymisation is a safeguard to process the data that it is no longer attributed to a specific person. Data masking, look-up tables or encryption could be among options to try.

Role or Task based access could be an approach to understand the test data source and its respective users in various environments, making the process more transparent with common understanding.

If you’re also wondering about these topics, what question do you’ve in mind and what do you already know?

One thought on “GDPR and Software Quality

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s