GDPR and databases

In the application of the GPDR regulation, databases (BP) are of great importance because they contain a large amount of data, some of which are covered by this regulation.


The data should be adequately protected, using known methods of identification, authentication and user authorization and encrypting sensitive data.
Furthermore, we definitely need to monitor changes over the data (data audit) – the only question is to what level of detail.
In the event of a BP server crash, a second BP server needs to be booted up quickly, and it is best to do so (almost) instantly, using a secondary BP disaster recovery server, which is updated (almost) instantly based on data from the primary BP server.
At the same time, we must be aware that tracking changes in data (data audit) and data replication, in addition to good features, also have a drawback – we must make sure that these “copies of data” comply with the GPDR regulation.