11 Feb Pharaon Posts! Matthias Pocs, Cybersecurity Manager
The Pharaon project focuses on the inclusion of ICT solutions designed to help both healthy and frail aging adults to live a healthy, independent and dignified life. Our main target is to achieve that this ICT inclusion is designed and implemented with respect to the users’ rights giving special attention to data protection. This issue is key for this project because aging citizen are generally regarded as vulnerable data subjects.
Our main goal for the Pharaon platform is to achieve the highest level of data protection. This is why we have helped implement this aspect from the very beginning of the project. The reason for this is the ICT principle that “building is easier than re-building or reforming”. Due to the difficulties with adjusting or rebuilding solutions after deployment, we try to work with as little personal data as possible and, whenever we can, we anonymize them. Another tool is encryption, which guarantees additional protection to all personal data processed by the platform.
To that end, the project is being designed to make use of state-of-the-art anonymization, pseudonymization and cryptographic technologies to protect user data throughout the entire lifecycle, from collection to the various computations that are required. It should be noted that dedicated guidelines will be set and presented through this project regarding data lifecycle management and capabilities for GDPR support, driving conformity with security and privacy standards such as ISO/IEC 27001. Those guidelines will clarify procedures and rules that need to be followed by the consortium partners and the participants involved in Pharaon activities. As a result, it is expected that data protection and security issues for participants regarding the collected data will all be successfully handled.
We strongly believe that, following the aforementioned principles, it is possible to achieve a renewed understanding of data protection within the project. This is the first step and the best approach to reach better levels of both protection and acceptance. Showing that it is possible to work in a data protection-compliant way when your projects begin to check and apply the related requirements early enough will also help participants to understand that data protection is not a barrier but an added value. This is also why we intend to actively contribute with our lessons learnt to the international and European standardization arena.