Talks
Speakers
Events
Topics
Sign in
Home
Talks
Speakers
Events
Topics
Leaderboard
Use
Analytics
Sign in
Suggest modification to this talk
Title
Description
Open the gate a little: strategies to protect and share data Can you name a more terrifying set of three words in software development than "HIPAA violation fines"? I bet you can't. We know we know we must protect access to our information at all costs, sometimes we need to provide access for legitimate reasons to our production data and this brings a dilemma to us: how to do it while minimizing the risks of data leakage. In this talk I'll share some strategies that can give you some guidance on when to close the door, when to open the door and when to open the door to your information a little
Date
Summarized using AI?
If this talk's summary was generated by AI, please check this box. A "Summarized using AI" badge will be displayed in the summary tab to indicate that the summary was generated using AI.
Show "Summarized using AI" badge on summary page
Summary
Markdown supported
In this talk titled "Open the gate a little: strategies to protect and share data," Fernando Petrales explores the challenges of granting access to production data while maintaining security and compliance with regulations like HIPAA. He emphasizes the importance of protecting personally identifiable information, especially in industries like healthcare, and shares strategies for safely sharing data when necessary. Key points discussed include: - **Understanding Data Restrictions**: The need to comprehend the specific reasons why someone requests access to production data to ensure only necessary information is shared. - **Health Regulations**: An overview of HIPAA and its implications, emphasizing its role in protecting health information. - **Case Studies**: Petrales highlights significant incidents involving unauthorized access to sensitive data, such as unencrypted laptops leading to severe fines. - **Anonymization Techniques**: He suggests using data anonymization to share subsets of information securely, introducing tools like Possible Synonymizer for PostgreSQL to mask sensitive data. - **Static Masking and Dynamic Masking**: Petrales explains the concepts of static and dynamic masking, demonstrating how to change or hide sensitive data based on user roles or needs. - **Generalization**: He illustrates how data can be generalized to protect individuals while still allowing for necessary analysis or research. - **Key Takeaways**: It is crucial to understand what data is actually needed before granting access and ensure that only minimum necessary data is shared to reduce risk. Ultimately, Petrales emphasizes the need for careful consideration when handling sensitive data, underlining that data once out of production control can be hard to protect. Participants are reminded that being cautious with data distribution is paramount to maintaining privacy and compliance.
Suggest modifications
Cancel
