SlideShare a Scribd company logo

How to ensure SOX, HIPAA, & GDPR Compliance in Dev and Test

Red Gate Software, profile picture
Red Gate Software

The document discusses compliance with regulations such as SOX, HIPAA, and GDPR during development and testing phases, highlighting the risks of data breaches and the need for protecting sensitive data. It emphasizes the importance of effective processes for ensuring compliance and showcases a case study on SQL provisioning to maintain compliance while using realistic data for testing. The document concludes with an invitation for further discussion and resources for learning more about compliance strategies.

Software
1 of 14
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
How to ensure SOX, HIPAA, & GDPR compliance in Dev and Test
Your Presenter Chris.Unwin@red-gate.com Chris Unwin Data Privacy Specialist DBAle on Spotify and iTunes /in/christopherunwincambridge/
How to ensure SOX, HIPAA, & GDPR Compliance in Dev and Test
• Privilege misuse: 12% • Hacking: 48% • (Healthcare) Internal: 56% • (Finance) External: 92% • No. 1 asset involved: Database Sources of breaches *Study from 2018 Data Breach Investigations Report- Verizon
Privacy regulations around the world such as HIPAA, SOX, GDPR, CCPA, SHIELD etc. demand effective and repeatable processes for protecting sensitive data. Or… Data Protection by Design and by Default.
• HIPAA: Up to$1.5m & 10 years in prison • SOX: Up to$5m & 20 years in prison • GDPR: Up to €20m or 4% of annual global turnover • POPI: Up to R10 million & 12 months in prison • PIPEDA: Up to $100,000 Cost of non compliance
Most Organizations do ‘copy-down’ Live Data
How can we stay compliant AND use production-like data?
A small attack surface makes compliance easier • PII in all environments • Higher risk 1TB QA 1TB Test 1TB Dev 1TB Prod • PII only in PROD • Lower risk 0TB QA 0TB Test 0TB Dev 1TB Prod Vs
SQL Provision In Action
Case study • Masked PHI without jeopardizing data integrity • Supply realistic data for testing • New off-shore development team HIPAA compliant • Saving 15-20 hours a week in provisioning processes • Reclaimed terabytes of disk space
Benefits – recap
Q&A Session
Next steps • Speak to us: SQLProvision@red-gate.com • Learn more: red-gate.com/sql-provision

More Related Content

PPTX
GDPR Part 1: Quick Facts
Adrian Dumitrescu
 
PPTX
Security v. Privacy: the great debate
David Strom
 
PDF
GDPR Webinar - feb
Sophos Benelux
 
PPTX
David doughty presentation 181119
David Doughty
 
PDF
The Trick to Passing Your Next Compliance Audit
SBWebinars
 
PDF
Better to Ask Permission? Best Practices for Privacy and Security
Eric Kavanagh
 
PDF
Cyber and Data Risks
risksmith
 
PPSX
Baretzky & Associates Presentation.
Ricardo Bn. Baretzky
 
GDPR Part 1: Quick Facts
Adrian Dumitrescu
 
Security v. Privacy: the great debate
David Strom
 
GDPR Webinar - feb
Sophos Benelux
 
David doughty presentation 181119
David Doughty
 
The Trick to Passing Your Next Compliance Audit
SBWebinars
 
Better to Ask Permission? Best Practices for Privacy and Security
Eric Kavanagh
 
Cyber and Data Risks
risksmith
 
Baretzky & Associates Presentation.
Ricardo Bn. Baretzky
 

What's hot (16)

PDF
Your data is showing
Madison Kerndt
 
PPTX
Privacy Discusssion GM667 Saint Mary's University of MN
Saint Mary's University of Minnesota
 
PPTX
GDPR How ready are you? The What, Why and How.
James Seville
 
PDF
Seattle Tech4Good meetup: Data Security and Privacy
Sabra Goldick
 
PDF
Logikcull Webinar: Preventing the #1 Litigation Risk
Logikcull.com
 
PPTX
Online privacy & security
Priyab Satoshi
 
PPTX
Cyber threat trends
Stephen Richards
 
PDF
Improve Cybersecurity Education Or Awareness Training
Triskele Labs
 
PDF
PIPL - Steady Growth & Asset Monetization
Dr. Sanjeev B Ahuja
 
PPTX
Privacy: Protecting Personal Information
Jonathan Bacon
 
PPTX
Justin Harvey - Apple vs DOJ: Privacy in Today's Enterprise
centralohioissa
 
PDF
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Gohsuke Takama
 
PDF
How to Response Cyber Data Breaches at Pakistan
Maven Logix
 
PDF
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
Shawn Tuma
 
PPTX
Ensuring GDPR Compliance - A Zymplify Guide
Zymplify
 
PDF
7 Key GDPR Requirements & the Role of Data Governance
DATUM LLC
 
Your data is showing
Madison Kerndt
 
Privacy Discusssion GM667 Saint Mary's University of MN
Saint Mary's University of Minnesota
 
GDPR How ready are you? The What, Why and How.
James Seville
 
Seattle Tech4Good meetup: Data Security and Privacy
Sabra Goldick
 
Logikcull Webinar: Preventing the #1 Litigation Risk
Logikcull.com
 
Online privacy & security
Priyab Satoshi
 
Cyber threat trends
Stephen Richards
 
Improve Cybersecurity Education Or Awareness Training
Triskele Labs
 
PIPL - Steady Growth & Asset Monetization
Dr. Sanjeev B Ahuja
 
Privacy: Protecting Personal Information
Jonathan Bacon
 
Justin Harvey - Apple vs DOJ: Privacy in Today's Enterprise
centralohioissa
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Gohsuke Takama
 
How to Response Cyber Data Breaches at Pakistan
Maven Logix
 
Real World Cybersecurity Tips You Can Use to Protect Your Clients, Your Firm,...
Shawn Tuma
 
Ensuring GDPR Compliance - A Zymplify Guide
Zymplify
 
7 Key GDPR Requirements & the Role of Data Governance
DATUM LLC
 
Ad

Similar to How to ensure SOX, HIPAA, & GDPR Compliance in Dev and Test (20)

PDF
Don't think DevOps think Compliant Database DevOps
Red Gate Software
 
PDF
DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DevOps.com
 
PDF
Richard Hogg & Dennis Waldron - #InfoGov17 - Cognitive Unified Governance & P...
ARMA International
 
PPTX
BSI: Compliance and the Art of Possible
Executive Leaders Network
 
PPTX
GDPRBrief.pptx
BabatundeAbioye2
 
PDF
Data- and database security & GDPR: end-to-end offer
Capgemini
 
PPTX
GDPR in the Healthcare Industry
EMMAIntl
 
PDF
PCI DSS Compliance in India .
Kiara Singh
 
PDF
2022-Q3-Webinar-PPT-DataProtectionByDesign.pdf
ControlCase
 
PPTX
The EU General Protection Regulation and how Oracle can help
Niklas Hjorthen
 
PDF
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
Gary Dodson
 
PPTX
Data protection and privacy in the world of database DevOps
Red Gate Software
 
PPTX
GDPR: 20 Million Reasons to get ready - Part 1: Preparing for compliance
Cloudera, Inc.
 
PDF
Mastering Data Compliance in a Dynamic Business Landscape
Denodo
 
PPTX
Microsoft dynamics 365 for small and medium sized charities - session 2 gdpr
m-hance
 
PDF
Maintaining Data Privacy with Ashish Kirtikar
ControlCase
 
PDF
How to implement gdpr in your document repository
XeniT Solutions nv
 
PDF
GDPR - Sink or Swim
Guy Griffiths
 
PDF
Setting the right GDPR priorities
Alberto Canadè
 
PPTX
Webinar: Introduction to GDPR - What It Is and How It Will Affect Your Business
WithumSmith+Brown, formerly Portal Solutions
 
Don't think DevOps think Compliant Database DevOps
Red Gate Software
 
DBAs - Is Your Company’s Personal and Sensitive Data Safe?
DevOps.com
 
Richard Hogg & Dennis Waldron - #InfoGov17 - Cognitive Unified Governance & P...
ARMA International
 
BSI: Compliance and the Art of Possible
Executive Leaders Network
 
GDPRBrief.pptx
BabatundeAbioye2
 
Data- and database security & GDPR: end-to-end offer
Capgemini
 
GDPR in the Healthcare Industry
EMMAIntl
 
PCI DSS Compliance in India .
Kiara Singh
 
2022-Q3-Webinar-PPT-DataProtectionByDesign.pdf
ControlCase
 
The EU General Protection Regulation and how Oracle can help
Niklas Hjorthen
 
GDPR solutions (JS Event 28/2/18) | Greenlight Computers
Gary Dodson
 
Data protection and privacy in the world of database DevOps
Red Gate Software
 
GDPR: 20 Million Reasons to get ready - Part 1: Preparing for compliance
Cloudera, Inc.
 
Mastering Data Compliance in a Dynamic Business Landscape
Denodo
 
Microsoft dynamics 365 for small and medium sized charities - session 2 gdpr
m-hance
 
Maintaining Data Privacy with Ashish Kirtikar
ControlCase
 
How to implement gdpr in your document repository
XeniT Solutions nv
 
GDPR - Sink or Swim
Guy Griffiths
 
Setting the right GDPR priorities
Alberto Canadè
 
Webinar: Introduction to GDPR - What It Is and How It Will Affect Your Business
WithumSmith+Brown, formerly Portal Solutions
 
Ad

More from Red Gate Software (20)

PDF
The future of DevOps: fully left-shifted deployments with version control and...
Red Gate Software
 
PDF
Embracing DevOps through database migrations with Flyway
Red Gate Software
 
PPTX
Database DevOps for Managed Service Providers
Red Gate Software
 
PDF
Mizuho Financial: Launching our Database DevOps journey
Red Gate Software
 
PDF
7 steps to effective SQL Server monitoring
Red Gate Software
 
PDF
Level up your deployments for SQL Source Control
Red Gate Software
 
PDF
Key findings from the 2020 state of database dev ops report
Red Gate Software
 
PPTX
Extend DevOps to Your SQL Server Databases
Red Gate Software
 
PDF
2019 year in review slides
Red Gate Software
 
PPTX
What we learned at PASS Summit in 2019
Red Gate Software
 
PPTX
Quality in Software Development: Anglia Ruskin University
Red Gate Software
 
PPTX
How SQL Change Automation helps you deliver value faster
Red Gate Software
 
PPTX
DevOps essentials from Abel Wang and Steve Jones
Red Gate Software
 
PPTX
Successfully migrating existing databases to Azure
Red Gate Software
 
PPTX
The Ultimate Guide to Choosing and Implementing the Right Monitoring Tool
Red Gate Software
 
PDF
Everything You Need to Know About the 2019 DORA Accelerate State of DevOps Re...
Red Gate Software
 
PDF
Using Redgate, AKS and Azure to bring DevOps to your database
Red Gate Software
 
PDF
Using Redgate, AKS and Azure to bring DevOps to your Database
Red Gate Software
 
PDF
How to Pitch a Software Development Initiative and Ignite Culture Change
Red Gate Software
 
PDF
Taming the Wild West
Red Gate Software
 
The future of DevOps: fully left-shifted deployments with version control and...
Red Gate Software
 
Embracing DevOps through database migrations with Flyway
Red Gate Software
 
Database DevOps for Managed Service Providers
Red Gate Software
 
Mizuho Financial: Launching our Database DevOps journey
Red Gate Software
 
7 steps to effective SQL Server monitoring
Red Gate Software
 
Level up your deployments for SQL Source Control
Red Gate Software
 
Key findings from the 2020 state of database dev ops report
Red Gate Software
 
Extend DevOps to Your SQL Server Databases
Red Gate Software
 
2019 year in review slides
Red Gate Software
 
What we learned at PASS Summit in 2019
Red Gate Software
 
Quality in Software Development: Anglia Ruskin University
Red Gate Software
 
How SQL Change Automation helps you deliver value faster
Red Gate Software
 
DevOps essentials from Abel Wang and Steve Jones
Red Gate Software
 
Successfully migrating existing databases to Azure
Red Gate Software
 
The Ultimate Guide to Choosing and Implementing the Right Monitoring Tool
Red Gate Software
 
Everything You Need to Know About the 2019 DORA Accelerate State of DevOps Re...
Red Gate Software
 
Using Redgate, AKS and Azure to bring DevOps to your database
Red Gate Software
 
Using Redgate, AKS and Azure to bring DevOps to your Database
Red Gate Software
 
How to Pitch a Software Development Initiative and Ignite Culture Change
Red Gate Software
 
Taming the Wild West
Red Gate Software
 

Recently uploaded (20)

PDF
T3DD25 TYPO3 Content Blocks - Deep Dive by André Kraus
Andre Kraus
 
PDF
System and Network Administration Chapter 2
jaramharo
 
PDF
Digital Strategies for Manufacturing Companies
Virendra Rai, PMP
 
PDF
Softaken Excel to vCard Converter Software.pdf
markwillsonmw004
 
PPTX
Odoo POS Development Services by CandidRoot Solutions
CandidRoot Solutions Private Limited
 
PDF
PTS Company Brochure 2025 (1).pdf.......
pts464036
 
PDF
Cost to Outsource Software Development in 2025
Omega Incorporations- Best Software Development Company
 
PDF
Upgrade and Innovation Strategies for SAP ERP Customers
Virendra Rai, PMP
 
PDF
medical staffing services at VALiNTRY
Tiyan Grayson
 
PDF
Digital Systems & Binary Numbers (comprehensive )
fyfhqfhtv2
 
PDF
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
PPTX
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
PDF
Claude Code: Everyone is a 10x Developer - A Comprehensive AI-Powered CLI Tool
William Chong
 
PDF
iTop VPN Free 5.6.0.5262 Crack latest version 2025
itskinga12
 
PDF
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
PPTX
Oracle E-Business Suite: A Comprehensive Guide for Modern Enterprises
Conacent Consulting
 
PPTX
Embracing Complexity in Serverless! GOTO Serverless Bengaluru
SheenBrisals
 
PDF
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
PPTX
assetexplorer- product-overview - presentation
nonameist3434
 
PDF
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 
T3DD25 TYPO3 Content Blocks - Deep Dive by André Kraus
Andre Kraus
 
System and Network Administration Chapter 2
jaramharo
 
Digital Strategies for Manufacturing Companies
Virendra Rai, PMP
 
Softaken Excel to vCard Converter Software.pdf
markwillsonmw004
 
Odoo POS Development Services by CandidRoot Solutions
CandidRoot Solutions Private Limited
 
PTS Company Brochure 2025 (1).pdf.......
pts464036
 
Cost to Outsource Software Development in 2025
Omega Incorporations- Best Software Development Company
 
Upgrade and Innovation Strategies for SAP ERP Customers
Virendra Rai, PMP
 
medical staffing services at VALiNTRY
Tiyan Grayson
 
Digital Systems & Binary Numbers (comprehensive )
fyfhqfhtv2
 
Internet Downloader Manager (IDM) Crack 6.42 Build 42 Updates Latest 2025
itskinga12
 
Computer Software and OS of computer science of grade 11.pptx
GauravDahal9
 
Claude Code: Everyone is a 10x Developer - A Comprehensive AI-Powered CLI Tool
William Chong
 
iTop VPN Free 5.6.0.5262 Crack latest version 2025
itskinga12
 
Wondershare Filmora 15 Crack With Activation Key [2025
ghrom2211g
 
Oracle E-Business Suite: A Comprehensive Guide for Modern Enterprises
Conacent Consulting
 
Embracing Complexity in Serverless! GOTO Serverless Bengaluru
SheenBrisals
 
wealthsignaloriginal-com-DS-text-... (1).pdf
skmiani786
 
assetexplorer- product-overview - presentation
nonameist3434
 
Odoo Companies in India – Driving Business Transformation.pdf
azhuhardeen1968
 

How to ensure SOX, HIPAA, & GDPR Compliance in Dev and Test

  • 1. How to ensure SOX, HIPAA, & GDPR compliance in Dev and Test
  • 2. Your Presenter Chris.Unwin@red-gate.com Chris Unwin Data Privacy Specialist DBAle on Spotify and iTunes /in/christopherunwincambridge/
  • 4. • Privilege misuse: 12% • Hacking: 48% • (Healthcare) Internal: 56% • (Finance) External: 92% • No. 1 asset involved: Database Sources of breaches *Study from 2018 Data Breach Investigations Report- Verizon
  • 5. Privacy regulations around the world such as HIPAA, SOX, GDPR, CCPA, SHIELD etc. demand effective and repeatable processes for protecting sensitive data. Or… Data Protection by Design and by Default.
  • 6. • HIPAA: Up to$1.5m & 10 years in prison • SOX: Up to$5m & 20 years in prison • GDPR: Up to €20m or 4% of annual global turnover • POPI: Up to R10 million & 12 months in prison • PIPEDA: Up to $100,000 Cost of non compliance
  • 7. Most Organizations do ‘copy-down’ Live Data
  • 8. How can we stay compliant AND use production-like data?
  • 9. A small attack surface makes compliance easier • PII in all environments • Higher risk 1TB QA 1TB Test 1TB Dev 1TB Prod • PII only in PROD • Lower risk 0TB QA 0TB Test 0TB Dev 1TB Prod Vs
  • 11. Case study • Masked PHI without jeopardizing data integrity • Supply realistic data for testing • New off-shore development team HIPAA compliant • Saving 15-20 hours a week in provisioning processes • Reclaimed terabytes of disk space
  • 14. Next steps • Speak to us: SQLProvision@red-gate.com • Learn more: red-gate.com/sql-provision