Privacy By Design: theory or methodology?

Privacy by Default and Privacy by Design are two principles that the GDPR sets out and that data controllers must follow when putting the protection of personal and sensitive data into practice. More than a year after the GDPR came into force, what has actually changed in the way healthcare software is designed and implemented?

In tender specifications, Privacy by Design usually appears among the non-functional requirements as a mere reminder, with no indication of how the principle should be understood or applied: a sentence, or little more, asking the supplier to design the software in accordance with these principles.

What has changed on the supplier side, however, in terms of software design and implementation? In my opinion, little or nothing. Designers' attention has focused on security measures and on the management of informed consent, two aspects that certainly fall within the scope of Privacy by Design but do not exhaust it. It should also be noted that the superficiality of the demand, and of the requirements it expresses, certainly does not encourage suppliers to do more.

How many suppliers have adopted a methodology and a framework for applying Privacy by Design? Which systems have been evaluated, and which designed from scratch, on the basis of a risk analysis?

What can healthcare companies do then to meet the requirements of the GDPR? Here are some practical suggestions for formulating more precise technical specifications:

  1. Ask the supplier which methodology and framework they adopted for Privacy by Design, and to describe it.
  2. Ask the supplier for a complete risk analysis of the system (which should then be integrated and applied with respect to the IT infrastructure and the organisation of the healthcare organisation).
  3. Ask the supplier for a complete list of the security measures adopted to mitigate the system's risks.
  4. Ask the supplier for a list of possible countermeasures to mitigate the risks (in addition to the technical measures described in the previous point).
  5. Ask the supplier for a precise description of the methodology and technology used for access control according to roles and the resulting rights to consult the data.

The idea is to encourage suppliers to accompany their solutions with documentation on the implementation of Privacy by Default and Privacy by Design, documentation that can only be produced through a comprehensive and reasoned approach to the issue.

The theme of Privacy by Design is very broad and complex, but there is no shortage of studies, analyses and methodologies, not least because this principle was formulated by Ann Cavoukian in the mid-nineties.

Among the many documents available online, I would like to point out “Privacy by Design”, by John Nwachukwu Okoye of the Norwegian University of Science and Technology, which you can read here.

It is an interesting text because, in addition to providing a good overview of the subject and of the methodologies and approaches followed so far, it goes deeper into risk analysis by applying the main methodologies to the practical examination and real evaluation of four remote care systems.

It is a reading that I recommend to all those interested in the subject.
