A personal data breach can occur inadvertently, not because of negligence, but because analysis sometimes shows that certain data is not personal data, whereas, in fact, it is. Our view is that if designating data as personal depends on many factors, mostly on the context of data processing. Handling special categories of data requires extra care.

GDPR just mentions indirect identification as a method of identifying a person but leaves everyone in the dark about the rest. It's not only about if one wants to identify someone, but it also's about the intrinsic value of data and its inherent ability to facilitate the process of identifying someone, regardless if one intends to do it or not.

What is direct identity confirmation? How to navigate through GDPR, as it broadly reads: "identifiable natural person is one who can be identified, directly or indirectly" without mentioning a word what is direct identification and what does it entail. The authors' views might help you shed some light on it.

How to confirm the identity of a person? What are the principles of identity confirmation and their relationship with authentification? How to be GDPR compliant, prevent identity theft and personal information data breaches? This blog post summarizes some of the GDPR topics we were tackling at a high level. If you are just embarking on a GDPR ship with a demanding project, hopefully, our views can make your journey faster and more cost-effective.

What data should be designated as personal data and what does it mean to directly identify an individual or make identification indirectly? How to recognize personal data when it's not apparent that data actually should be dealt with as if it is personal and enjoy the full protection of GDPR. Why isn't more people discussing the context of data processing? Some of our views in this blog post might make you think twice. 

What data should be designated as personal data and what does it mean to directly identify an individual or make identification indirectly? How to recognize personal data when it's not apparent that data actually should be dealt with as if it is personal and enjoy the full protection of GDPR. Why isn't more people discussing the context of data processing? Some of our views in this blog post might make you think twice. 

When it comes to information security our goal is that you understand our way of thinking. We believe if you understand how we think that you'll better understand the real importance of following ISO 27001 standard and all benefits it brings to your business.