- Application areas
- Work with us
- Right now
- About us
Protection of personal data is a high-priority issue – especially in the light of the General Data Protection Regulation that comes into force in May 2018. We have many years’ experience of developing advanced data protection solutions. We also participate in several major research projects on the development of state-of-the-art technology, and part of this work includes how to raise users’ awareness of what happens to their data and establish user confidence.
If you already have, or are developing, a digital solution that involves personal data management, your solution must comply with both current and future data protection laws, including the GDPR. There are also ethical reasons for protecting data, and some users demand privacy. This is a challenge in traditional IT solutions but even more so in new IoT products and cloud services, and in big data and data analytics.
As our society becomes increasingly digitised and we find more ways to realise the potential of big data, both public and private organisations are required to manage personal data in a secure manner. This may call for organisational changes, documentation of compliance, or remedial action if none of these requirements are met.
The Alexandra Institute can help you. We have knowledge about best practice of personal data management as well as expertise in cryptology and other specialised solutions, and we participate in research projects on data protection. We can help you choose the right technology and design or implement security-critical components. We also perform security reviews of your solution so that you can be assured that it complies with the standards.
The EU General Data Protection Regulation (GDPR) comes into force in May 2018. It introduces a number of new and stricter provisions – first and foremost the fines for non-compliance will increase considerably. We provide expertise on GDPR from a technical perspective but join forces with legal experts on the subject to be able to give you the best possible advice.
Privacy Impact Assessment (PIA), also known as Data Protection Impact Assessment (DPIA), is an analysis that must be completed before you are allowed to process personal data, according to the GDPR. We can help you conduct a PIA.
The GDPR stipulates that security must be designed into the solution from the start to minimise the risk of data leakage. This concept is called Privacy by Design. We advise you on how to get started.
Social security numbers are examples of sensitive attributes included in a data set that can potentially identify an individual. Such attributes can be anonymised to allow secure data processing. We can help you anonymise data based on modern cryptographic techniques that prevent de-anonymisation. Pseudonymisation is a similar approach, but here we replace for example a social security number in a data set with a random number (pseudonym) to minimise the risk of misuse if data is accidentally leaked to a third party.
Building user trust is essential, and we have experts who can help you understand your users and develop secure user-centric solutions.
Many of our techniques used to protect personal data can also be used for other types of sensitive data, such as business-critical data. Companies may for example want to benchmark data across organisations but they are also concerned with secrecy. We use advanced cryptographic techniques to solve this challenge.
Read about our services in the field of Data encryption.