Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Key Points

  1. address use cases for PII, personal usage data etc
  2. summarize regs - GDPR, CCPA, TCPA, HIPAA, HL7
  3. review opportunity, challenges
  4. summarize HLF features related - cryptography, identities, private data, off-chain etc
  5. demo cpaper private data


References

Reference_description_with_linked_URLs_______________________Notes______________________________________________________________




https://drive.google.com/open?id=1MaBwU9LrfRij-taPQpxKndMqhzouGklAenterprise_blockchain_data_compliance_concepts.pptx
presentation - Data Privacy Concepts and Strategies using Hyperledger Fabric.docx
session1-VINblock-presentation-proposal-Global-Forum-2020-download__cs9B6cPfNnXznnzg3BbrDTGkmGMzqz.pdf
session2-DCS-data-privacy-concepts-strategies.pdf
https://www.cpomagazine.com/data-privacy/gdpr-compliant-blockchain-personal-
data-privacy-in-blockchain/		Blockchain article on GDPR and Fabric - Priti *


200608-liveworx-boston-online-reg.rainfocus.com-Registration.pdf
liveworx-2020-cfp-connected-vehicle-identity-blockchain-jim-mason.docx
global-forum-2020-VINblock-session-download__rCv32Znk5PV2hsmV82G7Prn3zMpnRN.zip




Sichern One-Sheet.pdf
sichern-data-slides-v1.pptx
Sichern-data-compliance-whitepaper-short-version.201906.docx
Sichern Summary PDF (for site download).docx
DMX_FCA_data services - Copy.docx
DMX - Blockchain and Data Compliance Services.v2.pptx




Related regulations


https://www.linkedin.com/posts/roblesliesedicii_blockchain-and-the-general-data-protection
-ugcPost-6626110475820118016-lcht

eu-can-DLT-support-GDPR-2020-study-document.pdf

EU Study 2020- can DLT support GDPR fully?
blockchain-gdpr-compliance-study-2019-document.pdfEU 2019 - GDPR Compliance Study
EU-blockchain-report-2019-Blockchain-today-tomorrow-document.pdfEU 2019 - Blockchain report
DTCC-dlt-governance-2019-document.pdfDTCC blockchain governance for custodians 2019



CCPA

CCPA

HIPAA

TIPPSS for clinical data

HL7

EHR

SOC2

IEEE


Data Governance


https://profisee.com/data-governance-what-why-how-who/

data-governance-profisee.com-Data Governance What Why How Who 15 Best Practices.pdf

Data Governance Concepts & Tools









Key Concepts




Potential Value Opportunities



Potential Challenges




EU Study 2020 - Can DLT be reconciled with GDPR?

https://media-exp1.licdn.com/dms/document/C4D1FAQFNjRDa_UFpUA/feedshare-document-pdf-analyzed/0?e=1579921200&v=beta&t=tjfq9vil_cU6TPcRFbsV6SL5ESEpoRln9caq13A_LOY

eu-can-DLT-support-GDPR-2020-study-document.pdf

Thanks @Biser Dimitrov for the report. I agree with the issues raised. GDPR is challenging to comply with. Even more, legal interpretations of key GDPR requirements are not yet settled.

I disagree with the concept that compliance may not be achievable with today's advanced DLT solutions. We looked at scenarios for different interpretations of key features such as "right to erasure" etc and found it possible to engineer DLT solutions that were compliant in all cases. Beyond technology, a compliant solution requires "end-to-end" engineering in most cases. In addition, operation of the solution matters, especially operation and governance on data management and  compliance rules.



Candidate Solutions


Blockchain article on GDPR and Fabric - Priti

https://www.cpomagazine.com/data-privacy/gdpr-compliant-blockchain-personal-data-privacy-in-blockchain/

  1. Off-chain storage (Private database)
  2. Hash or fingerprint of data or metadata on a blockchain (limitations for small-sized data)
  3. Anonymization of data (Pseudonymization not permitted)

Private data collection in Hyperledger Fabric

Hyperledger Fabric uses cryptography mechanisms to maintain transaction confidentiality and access control. Fabric offers an in-built facility of using a private database where a hash of private data is stored on blockchain. As hash is a one-way function, guessing the private data from the hash is difficult. To make the hash more resilient to brute-force attack – a. Hashing algorithms generating longer bits like SHA-512 b. random salt with the private data should be used.

Transient field – To maintain the privacy of data while communicating from client to authorized peers in organizations, transient field is used which is excluded in channel transaction.

blockToLive – This property in private data collection defines the lifetime of data on a private database. If the blockchain achieves a certain block height (a value can be set), data automatically gets deleted from the private database and to keep data forever in the private database the value of blockToLive is set to 0. Referring to one of the fundamental rights of GDPR, ‘right to erasure’ is also supported in a controlled way by Hyperledger Fabric.

Hyperledger fabric



Step-by-step guide for Example



sample code block

sample code block



Recommended Next Steps



  • No labels