Whether intentionally or not, when data integrity has been compromised, it can not only result in serious risks for the data subjects concerned, but also make the company appear untrustworthy. Data with compromised integrity can not only create risks for the data subject itself, but also position the entire company’s reputation and operations at risk.
Once lost, trust cannot be easily found, or not at all.
Data tampering attacks are a serious threat. And as recent news indicates an upsurge of cyber-attacks against personal data-fueled businesses worldwide, one that should be taken seriously. Imagine the repercussions of a clinical trial results based on data altered by an attacker.
Data can be tampered with in many ways.
In the worst cases, these alterations may even remain undetected. So how can you ensure that data has not been subject to unauthorized changes along the way?
Data integrity refers to the accuracy and consistency (validity) of data over the data lifecycle. It means that the data, from the time it was collected to the time it was stored, used, shared, archived and deleted, can be trusted to be accurate and free from tampering.
Regulations such as the GDPR or Swiss DPA in particular provide for such a requirement as a key principle to ensure that data is adequately protected, which is of utmost importance when it comes to the collection and usage of personal data assets.
By ensuring data integrity, companies ensure that data is exactly as it should be at any given time, which is key for health data, medical information, or contractual documents.
(eg.: with a digital signature (eConsent) for Clinical Trials DCT), etc)
How is Data Integrity achieved by Pryv.io? – Generating a checksum for all data uploaded
When a document or information is created or modified on Pryv.io, a receipt is issued with a “checksum”, which can then be used to detect unexpected modification.
The receipt does not expose any personal data, but simply serves as proof of integrity. You can think of this receipt (checksum) as your data’s fingerprint.
This ability to check for data accuracy and consistency can be very valuable in the context of Remote Clinical Trials. For example: Tom, a participant of the trial, uploads a document on a dedicated online platform to be shared with Dr.Jones, his investigator:
- After the upload is completed, a receipt is issued to Tom with the following checksum: “1582054665”.
- Tom can share the receipt (checksum) with Bob separately. And tell Bob that the document he will get must have the same checksum (“1582054665”).
- Or, Bob could compute the checksum when he receives the document and send it to Dr.Jones, who can then confirm that the “fingerprints” match.
- If a single bit of the document is changed, the checksum will be fully different.
What added value does it bring?
Whether on purpose or by accident, compromising data integrity can not only result in serious risks for the data subjects, but also put the entire company’s reputation and operations at risk. At any given time, individuals using a platform, or an app built on Pryv.io can verify that the data has not been subject to any unauthorized change.
Data Audit & Integrity?
Audit logs maintain a full and complete history of every change that has been made on a piece of data, by whom and when. An audit log is the simplest, yet also one of the most effective forms of tracking temporal information. Any time something significant happens, a record indicating what happened and when it happened, is generated.
Coupled with this audit feature and versioning of Pryv.io, companies can rebuild the data lifecycle to prove the genuinity of the data.
Blockchain – Full data integrity support for Pryv.io enables a new level of trust and confidence between our customers and their partners
The Pryv.io data integrity mechanism is designed to be coupled with a timestamping solution or a blockchain. In that case, the blockchain would keep all the receipts for public (or private) consultation.
Data worths nothing if not trustworthy
At Pryv we continuously work on advancing Pryv.io functionalities to ensure we deliver an outstanding technology not only to meet technical and legal requirements, to ensure confidentiality and trustworthiness of data, but embed trust in any aspect of building a strong relationship with your customers.
Stephanie & Evelina