The General Data Protection Regulation (GDPR) was introduced by the European Parliament on April 14, 2016, and entered into force on May 25, 2018. Thus, companies cannot store and freely dispose of personal data without the consent of the data subject. These changes quite significantly influenced the functioning of many enterprises in this area. Therefore, it is necessary to consider how to safely generate data for development / test services.
Generating test data
What is test data generation for? Well, the test data generator is an extremely useful tool that allows developers to verify the quality of the software.
The test data generator allows you to generate data such as: personal insurence number or other national ID number, tax, registration number, IBAN number, EAN number. It is also generating a series and number of an ID card, as well as a default text or a string consisting of specific characters, additional form elements, etc., etc. A traditional generator may have limitations such as: limited possibilities of pasting data, module settings saved only after correct filling the entire module, and proper setting is required for the proper functioning of the functionality. It should also be remembered that the test environment is a specific area in the company where there is an increased risk of data leakage.
The point is to be able to use databases containing reliable information, but in a manner consistent with applicable law (GDPR). The security is ensured by anonymization and masking of test data. The test data used must be completely safe in terms of the provisions of the GDPR. This means that the identification of data subjects cannot be possible without additional data (stored elsewhere than masked data).
Test data – how to use them in a safe way?
The optimal solution is to use methods such as anonymization, pseudonymization, data masking. Of course, it requires appropriate tools that allow for the generation of reliable and consistent data and for anonymization (encryption) in databases. The generated test data will be fully protected, and the company will not be exposed to breaking the law.
A great solution to generate sufficient test data and protect confidential information is Soflab GALL (Global Anonymization Linked Loader). The tool allows you to anonymize test data with one click – it can even be large volumes of data. Anonymization consists in replacing real data with fictitious but fully consistent data – both in terms of content and technology. It also enables the exercise of the right to be forgotten without losing information about the customer’s behavior.
The available tools definitely contribute to the higher quality of functional and performance tests; no fear of violating the provisions of the GDPR.
To sum up; working on test data in a safe and GDPR-compliant manner is as possible and effective as possible. Provided that professional anonymization, pesudonymization and data masking tools are used.