Jeroen Riedstra (the Alliance): Efficiently concealing special personal data requires a good scope in advance
Housing associations have millions of documents. Documents that may no longer contain certain data according to GDPR legislation. How do you, as an organization, clean up your systems and at the same time ensure that new data such as Social Security numbers, IDs and income data are handled correctly within your organization? CorporatieGids.nl spoke about it with Jeroen Riedstra, Project Manager at the Alliance.
Compliance with new laws and regulations – and the GDPR in particular – was the main reason for the Alliance to start tackling documents. “These documents run the risk of containing special personal data,” Jeroen begins the conversation. “We had to tackle the storage of this because we are not allowed to keep this data. In addition, this data poses a security risk that we as an organization do not want to run. We therefore looked at how we can clean the data in three main places: our DMS, our department drives and in Teams and SharePoint. This requires a project-based approach so that you work on each area of interest.”
Automatic cleaning
“Because there are a lot of documents involved, it is necessary to perform the cleaning automatically,” Jeroen continues. “To create a picture of this; our DMS and department drives contain literally millions of documents. Then you cannot ask document owners to ‘solve it’, the volume is too large for that. It is important to focus in advance and clearly define what data you want to delete and what you absolutely must keep in order to do your work properly.”
Zero knowledge proof
According to Jeroen, housing associations are the odd one out when it comes to legislation and regulations surrounding the protection of personal data. “In order to properly fulfill our function, we have to deal with sensitive documents. We are not allowed to record certain data, but we do have to deal with this on a daily basis, for example because income statements are sent. We see in the sector that there are more and more initiatives underway to give this a different meaning, for example pilots with zero knowledge proof . This means that a reliable party indicates that, for example, the income statement is correct, without us having to receive documents about this. That would save a lot of incoming ‘prohibited’ data in the future.”
Scope
In the search for tools for automatic data cleaning, the Alliance quickly came to EntrD, says Jeroen: “EntrD has a partnership with Aareon, the supplier of our DMS. As a result, cleaning with the FileFactory is provided as an integral service. The only thing that was asked of us was to set up a good scope in advance. For example, many documents do not need to be searched because they cannot contain personal data, such as maps. In addition, it must be indicated what we wanted to have painted. We have opted for information that can be easily recognized, such as BSN and copies of ID cards or driving licenses. With these types of data, the chance of a false positive – where information you want to retain is obscured – was virtually nil.”
“The preliminary test set showed that this data had been removed with a success rate of close to 100 percent. If it didn’t happen, there was a good reason for it. For example, because part of the document was handwritten instead of typed. Based on this test, we had the entire DMS cleaned. This was done in collaboration with EntrD and Aareon, the Alliance did not have to worry about that. This took about three months and all documents were stripped of Social Security numbers and ID copies. After this we carried out a test where we determined by means of spot checks that the painting had gone well. We then placed the documents back in our own environment.”
Deafening silence
It is now six months later and the Alliance has not yet noticed an incident where something has been incorrectly painted over. “In that deafening silence, we assume that the DMS approach went well,” Jeroen laughs. “We are now addressing department drives. A challenge here is that the information here is much less structured, making it much more difficult to determine a scope in advance. We are discussing with EntrD how we can perform a preliminary analysis that indicates where there are many documents that need to be varnished, so that we do not needlessly offer millions of documents for varnishing that do not need it. Creating order in the mass of documents is therefore a prerequisite for being able to clean the disks.”
Mopping is more fun when the tap is not open
“We are also looking at how we can prevent special personal data from ending up in our organization as much as possible in the future,” Jeroen concludes. “During the project we shared a Loesje poster that said: mopping is more fun when the tap is not open. The first step in the future is to ensure that contaminated information does not enter, for example through the aforementioned zero knowledge proof . And if it does come in, it will be dealt with immediately at the gate.”
Source: CorporationMedia Photo: De Alliantie