The Post-GDPR Reality

The session will be about the installation of WSO2 Identity Server and homogenization of various user stores in the municipality of Heraklion Crete in Greece. The presentation explores the situation which existed, prior to using WSO2, with multiple and heterogeneous per application user management solutions, the problems that occurred, and how they were solved. This session looks at the benefits of WSO2 Identity Server in the specific installation. They also managed to prepare the municipality for General Data Protection Regulation (GDPR), giving them the tools to create a dashboard with users' data in order to keep them informed and updated.

Key Takeaways:

• GDPR
• Open Source IDM
• European Public Sector

The ability to anonymise data and analytical insights derived from personal data is a powerful tool to deal with privacy regulations such as HIPAA and GDPR. For example, the Article 29 Data Protection Working Party states that anonymisation does not require customer consent and according to the GDPR Recital 26 anonymized data is exempt from GDPR. 

That is why anonymisation is a perfect way to gain deeper insights into your data without exposing this data to risk. Unfortunately implementing reliable anonymisation is technically complex and may have limited utility in practice. Pseudonymisation methods and tools are more widespread but have limitations and do not address key challenges resulting from GDPR, for example. This talk will discuss the advantages and challenges around a range of methods, and illustrate this with practical examples and actual use cases.

Key takeaways:

- Understanding key benefits and challenges around a number of privacy enhancing methods and technologies
- Insight in how some organizations address data privacy protection and regulatory challenges using technology
- Learn how customers use anonymisation in their data analysis and what insights they gain from it