In May 2018 every active internet user received hundreds of emails with a request to accept new agreements because of GDPR (General Data Protection Regulation’s).
But some researches show that in May 2018 most of the companies were no ready to be compliant with the GDPR. The fine is four percent of annual global revenue or €20 million.
Below are some of the key GDPR requirements and an idea how Blockchain can help companies to be compliant.
- All processing should be based on a legitimate purpose and customer has to be aware of what data company process and how a company use it
- Collect only that data which is necessary, and not keep personal data once the processing is finished
- The customer can ask to delete or transfer his personal data
- Companies to notify customers where they share information with other organizations
Imagine the world where all customer’s personal data is stored inside some permissioned Blockchain. All data is encrypted with end-to-end encryption. Only the customer has a private key to decrypt those data. The customer has complete control of their personal information and can determine what is used by companies and how.
Imagine some company asked to provide access to specific personal information.
The customer can now use their own digital signature (or fingerprint) and combine that with a company’s signature to unlock and release those specific data. It provides restricted access that can only exist if there is verification from both the customer and the company.
Blockchain could also control sharing data across systems and organizations. When a company needs to share data with some 3rd party partners the customer receives a request and has to formally provide his digital signature for such action.
Finally, the customer may revoke or limit access to his personal data any time.
Here are few examples of such infrastructure in HealthCare – Doc.AI, and Iryo.
And by the way Telegram Passport (when they move it to blockchain) may be one of such infrastructure that helps to solve GDPR compliance.