Presentation is loading. Please wait.

Presentation is loading. Please wait.

Personal Data Usage Monitor

Published byみひな しまむね Modified over 5 years ago

Similar presentations

Presentation on theme: "Personal Data Usage Monitor"— Presentation transcript:

1 Personal Data Usage Monitor
Ivo Mehide Degeetia OÜ

2 Personal Data Usage Monitor – why?
From the Estonian Personal Data Protection Act, §19 subsection 1: At the request of a data subject, a processor of personal data shall communicate the following to the data subject: ... 5) third persons to whom the personal data of the data subject have been transferred From the Estonian Personal Data Protection Act, §25 subsection 2: 3) prevent unauthorised recording, alteration and deleting of personal data and to ensure that it be subsequently possible to determine when, by whom and which personal data were recorded, altered or deleted or when, by whom and which data were accessed in the data processing system; Solution: Registrate this kind of information and share this through common flexible software. Procurements from Information System Authority, financed by European Regional Development Fund: Analysis and Design of Personal Data Monitor Development of Personal Data Monitor Standard Solution

3 Conceptual diagram

4 Components Extractor – examines X-road messages for personal data and send general information about the messages (service code, receiving party, personal codes etc) to the Data Recorder. Logger – stores information about the X-road messages in database and shares this to the Eesti.ee portal. Service in eesti.ee portal – user interface for data subjects.

5 Extractor Works as transparent proxy between infosystem and X-road security server Contains rules of determining if transferred X-road message contains personal data. Contains rules about how to extract general message information (receiver, timestamp, service name, etc) and personal code(s) from the message body. Extraction rules are going to apply for all the messages that are catched by the filter. Extracted information is going to transferred to the Logger component.

6 Logger Separate component for storing and retrieving personal data usage information. Provides REST services for storing and retrieving. Provides X-road service for eesti.ee portal in order to search and retrieve logged information. Provides simple web-based UI for internal use.

7 Eesti.ee portal Data subjects can use eesti.ee portal in order to get information from which database, when and to what third party their personal data was transferred. Currently there are agreed to present such information from: Elering Data Warehouse (electricity consumption points) Population Register Health Insurance Register Social Services Register Unemployment Insurance Registry

8 Different configuration options
Personal Data Usage Monitor components can be used also separately. The possible configurations are as follows: Both Extractor and Logger components are in use. Only Logger component is in use. Infosystem writes personal data information directly to Logger Only Extractor component is in use. Extractor writes log information to infosystem and infosystem implements needed X-road service. There are no Extractor and Logger components in use. Infosystem implements internally both personal data logging and corresponding X-road service.

9 Additional information
Documentation, full source code and binary packages are available on GitHub:

Download ppt "Personal Data Usage Monitor"

Similar presentations

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Performed by:Gidi Getter Svetlana Klinovsky Supervised by:Viktor Kulikov 08/03/2009.

Performed by:Gidi Getter Svetlana Klinovsky Supervised by:Viktor Kulikov 08/03/2009.
WINGNUT TECHNOLOGIES CUSTOM ENGINEERING SOLUTIONS.

WINGNUT TECHNOLOGIES CUSTOM ENGINEERING SOLUTIONS.
Https://www.tervisepank.ee Tervisepank ® e-solution for primary care Madis Tiik, MD CEO, Estonian Society of Family Doctors 06.04.2006.

Tervisepank ® e-solution for primary care Madis Tiik, MD CEO, Estonian Society of Family Doctors
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
Databases & Data Warehouses Chapter 3 Database Processing.

Databases & Data Warehouses Chapter 3 Database Processing.
Sage CRM Developers Course

Sage CRM Developers Course
X-Road (X-tee) A platform-independent secure standard interface between databases and information systems to connect databases and information systems.

X-Road (X-tee) A platform-independent secure standard interface between databases and information systems to connect databases and information systems.
LAYING OUT THE FOUNDATIONS. OUTLINE Analyze the project from a technical point of view Analyze and choose the architecture for your application Decide.

LAYING OUT THE FOUNDATIONS. OUTLINE Analyze the project from a technical point of view Analyze and choose the architecture for your application Decide.
Jan Hatje, DESY CSS ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron.

Jan Hatje, DESY CSS ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron.
X-Road – Estonian Interoperability Platform

X-Road – Estonian Interoperability Platform
Module 10: Monitoring ISA Server 2004. Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.

Module 10: Monitoring ISA Server Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.
Computer Emergency Notification System (CENS)

Computer Emergency Notification System (CENS)
Introducing HingX now with Capacity Development Network.

Introducing HingX now with Capacity Development Network.
Insufficient personal data protection Personal Data protection Act.

Insufficient personal data protection Personal Data protection Act.
Jan Hatje, DESY CSS GSI Feb. 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron.

Jan Hatje, DESY CSS GSI Feb. 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron.
Database Administration

Database Administration
1 Web Servers (Chapter 21 – Pages(859-864) Outline 21.1 Introduction 21.2 HTTP Request Types 21.3 System Architecture.

1 Web Servers (Chapter 21 – Pages( ) Outline 21.1 Introduction 21.2 HTTP Request Types 21.3 System Architecture.
Vinay Paul. CONTENTS:- What is Event Log Service ? Types of event logs and their purpose. How and when the Event Log is useful? What is Event Viewer?

Vinay Paul. CONTENTS:- What is Event Log Service ? Types of event logs and their purpose. How and when the Event Log is useful? What is Event Viewer?
7 February 2008Dietrich Beck A LabVIEW Interface to ELOG ELOG Possible solution paths Status Integration into – CS ? – Domain Management System?

7 February 2008Dietrich Beck A LabVIEW Interface to ELOG ELOG Possible solution paths Status Integration into – CS ? – Domain Management System?

Similar presentations

Ads by Google