Considerations for GDPR readiness
For PID(s): 5724Y04
Notice:
This document is intended to help you in your preparations for GDPR readiness. It provides information about features of IBM Decision Optimization Center that you can configure, and aspects of the product's use, that you should consider to help your organization with GDPR readiness. This information is not an exhaustive list, due to the many ways that clients can choose and configure features, and the large variety of ways that the product can be used in itself and with third-party applications and systems.
Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data Protection Regulation. Clients are solely responsible for obtaining advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulations that may affect the clients' business and any actions the clients may need to take to comply with such laws and regulations.
The products, services, and other capabilities described herein are not suitable for all client situations and may have restricted availability. IBM does not provide legal, accounting, or auditing advice or represent or warrant that its services or products will ensure that clients are in compliance with any law or regulation.
GDPR
General Data Protection Regulation (GDPR) has been adopted by the European Union ("EU") and applies from May 25, 2018.
Why is GDPR important?
GDPR establishes a stronger data protection regulatory framework for processing of personal data of individuals. GDPR brings:
- New and enhanced rights for individuals
- Widened definition of personal data
- New obligations for processors
- Potential for significant financial penalties for non-compliance
- Compulsory data breach notification
Product Configuration - considerations for GDPR Readiness
Terminology
- Customer: individual or business which purchases, installs, configures, and operates IBM Decision Optimization Center (DOC)
Data handling in IBM Decision Optimization Center
In IBM Decision Optimization Center, data is present in the following:
- The DOC Scenario Repository stores scenarios, projects, configurations and models, defined by the Customer.
- Data used with models to represent optimization problems. The data is used by IBM Decision Optimization Center for the purposes of finding solutions to the optimization problem. The data is accessed using a database connector or from files.
- Data written to log files by IBM Decision Optimization Center. These files do not contain personal information.
The following sections provide considerations for configuring IBM Decision Optimization Center to help your organization with GDPR readiness.
Configuration to support data handling requirements
The GDPR legislation requires that personal data is strictly controlled and that the integrity of the data is maintained. This requires the data to be secured against loss through system failure and also through unauthorized access or via theft of computer equipment or storage media.
If your use of IBM Decision Optimization Center includes the use of personal data for your optimization problems, you need to ensure that your data is secured against loss or unauthorized access.
Configuration to support Data Privacy and Security
The customer is responsible for data privacy and security of their LDAP and should follow the secure privacy and protection guidelines.
General privacy and security rules
- Access control must be effective and enforced properly.
- Credential strength must be high.
- Default passwords should be removed or at least changed. IBM Decision Optimization Center is delivered with default credentials that are created for testing purposes (database docker images, default Keycloak configuration).
Data Life Cycle
The data life cycle for IBM Decision Optimization Center is:
- The customer creates an optimization application for use with data either from a database or a file. The application includes an optimization model, which may contain personal data.
- The customer tests the application with the data and debugs it.
- Once the application performs in a satisfactory manner, it is deployed.
Personal data used for online contact with IBM
IBM Decision Optimization Center clients can submit online comments/feedback/requests to contact IBM about IBM Decision Optimization Center subjects in a variety of ways, primarily:
- Public comments area on pages in the IBM Decision Optimization Center community on IBM developerWorks
- Public comments area on pages of IBM Decision Optimization Center documentation in IBM Knowledge Center
- Public comments in the IBM Decision Optimization Center space of dWAnswers
- Feedback forms in the IBM Decision Optimization Center community
Typically, only the client name and email address are used, to enable personal replies for the subject of the contact, and the use of personal data conforms to the IBM Online Privacy Statement.
Data Collection
- IBM Decision Optimization Center applications have their user authentication fully delegated to an external enterprise directory through the use of a standard Keycloak micro-service (see https://www.keycloak.org).
- The Data Service database used by applications is provisioned by the customer. IBM Decision Optimization Center stores scenario data in this database.
- Access rights to the functions of the application are based on user roles that are defined in the Keycloak micro-service and referred to in the scenario service of the application in its associated Scenario Service database.
- Both databases must be maintained throughout the life cycle of the IBM Decision Optimization Center product use.
- Data must be backed up regularly based on the customer's business needs and risk level.
- When IBM Decision Optimization Center is no longer used, the databases can be securely deleted or backed up for future use. The customer is responsible for deleting and backing up the databases.
- As a data controller, the customer should provide means to satisfy data access requests for personal information or other compliance requests.
Data Storage
The databases should be protected by using appropriate security controls. This includes but is not limited to:
- Encryption at rest, with keys stored separately in a secure location with a key management tool. The encryption can be performed at database or partition level.
- Access controls to the databases.
- The customer's IT infrastructure and security topology should implement:
  - Tracking and logging of user activities
  - A security event management system (SIEM) to monitor the connections and security events
- Encryption of backups of data
Data Access
The customer should implement protective measures concerning data access.
- Access control to the databases should be in place and effective.
- IBM Decision Optimization Center provides a REST API. The customer should consider implementing certain protections, including:
  - Use of HTTPS for all the connections
  - Use of basic authentication or other authentication methods
  - Proper authorization, so that only authorized roles can use the corresponding API
Data Processing
The customer should consider implementing the following security guidelines when invoking the REST API:
- HTTPS with secure ciphers should be used.
- The input payload should be properly sanitized.
- The security infrastructure should protect against denial-of-service (DoS) attacks.
Data Deletion
Right to Erasure
Article 17 of the GDPR states that data subjects have the right to have their personal data removed from the systems of controllers and processors - without undue delay - under a set of circumstances.
Data Deletion characteristics
If the customer's use of IBM Decision Optimization Center includes the use of personal data, the customer should implement appropriate controls and tools to satisfy the right to erasure.
IBM Decision Optimization Center does not require any special method for data deletion. The customer is responsible for implementing appropriate methods for storage media to securely delete data, which includes media zeroization if necessary. The customer is also responsible for deleting data.
Data Monitoring
The customer should regularly test, assess, and evaluate the effectiveness of their technical and organizational measures to comply with GDPR. These measures should include ongoing privacy assessments, threat modeling, centralized security logging and monitoring among others.
Responding to Data Subject Rights
The personal data stored and processed by IBM Decision Optimization Center applications falls under the following categories:
- Basic user data, such as usernames, e-mail addresses, and passwords
- Personal data that could be used as an input to an optimization problem.
If you use personal data as an input to your optimization solution, you should consider and implement methods so that you can respond securely and responsively to a request to:
- Delete data
- Correct data
- Modify data
- Extract specific data for export to another system
- Restrict the use of the data within the overall system