Hacker News new | past | comments | ask | show | jobs | submit login

Honest question, who can keep the access to production in the eye of GDPR?



Operations staff gets access to production machines with Operations being explicitly forbidden from producing code that runs on the systems.

There are still vectors for bad actors of course, but the idea is to firewall those who write the code from those who run it.


the production team can. it has made very hard to debug. Now the production team has to do most of the debug work, they have to give us anonymised data (and you cant turn personal data in anomymous data. it would be pseudonymous at best) that trigger the bug.

It can be pretty hard if your organization was not organized with this in mind in the first place.


Honest answer, everyone who claims to be GDPR or HIPAA compliant is lying and hopes you never find out.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: