Privacy by Design: GDPR Compliant Software Development
Barnabás Székely is a senior data protection specialist and trainer, Lead Data Protection Specialist and Information Security Auditor @ Privacy Pro. He was practicing data protection before it was cool. In 2016 he was among the first Romanian professionals leading complex GDPR compliance programs in a wide range of industries, including software development, e-commerce, marketing, healthcare, education, and others.
He held nearly 70 presentations on data protection and other legal aspects concerning corporate compliance, Artificial Intelligence, GDPR compliant software development, children’s privacy, and profiling. He is regularly quoted as a subject-matter expert in the national media. He also gave more than 40 interviews on data protection and information security issues.
Barnabás possesses both a computer science and legal background, plus earned a master’s degree in EU Private Law. He also holds several international certifications, including CIPP/E (IAPP), CDPSE (ISACA), ISO 27001 Auditor (TÜV Rheinland), and OTCP/P (OneTrust). Now he is studying artificial intelligence at the Technical University of Madrid, completing a master’s degree.
Data protection by design (privacy by design) and data protection by default, are central requirements in the General Data Protection Regulation (GDPR, art. 25) that apply from May 2018. The data controller must comply with the requirements governing data protection by design during software development, and when ordering systems, solutions, and services, or using third party products or services.
How can you develop GDPR compliant software? I will present these legal requirements, and translate them to software development goals and objectives.