Personal data is the most unique and intimate aspect of an individual and must be safeguarded. Data contained in personal records must be taken into account at all times, from development to evaluation of the product. Records should be encrypted, pseudonymized or anonymized wherever possible. This applies to internal, customer, and third-party data.
Be prepared to report on every user in the database at short notice: the number of records, access levels, and removal procedures.
Review permissions for data storage and databases (especially sensitive ones) almost every week. Give access only to specific project team members or those with direct assignments.
Triple-check the recipients and the content of what you are sending. Limit the address list to only the main participants to ensure that no data about other individuals is shared with unintended recipients.
Limit the use of personal records in reports or slides. If you have to, make them unrecognizable (blurring, number ranges).
Data is powerful when used legally.