Since 25th of May 2018, protection of personal data e.g. with respect to transparency and requirements for a legally valid consent, has become priority in numerous areas of european citizen's life. The issue also concerns the once-only principle.
Once-only service means re-using data held in one administration, by providing it to another administration directly. Benefits of such solution are mainly simpler procedures, time and cost savings. Trustworthy data doesn’t have to be manually re-entered over and over again. In relation to GDPR, several key issues are important:
- First is transparency towards the user that should be aware of his data flow between different entities.
- Second is legitimacy of data exchange, which refers to user's consent for any reserved data exchange between different entities.
- Third is accountability: if a mistake in data exchange happens, it must be possible to correct it and quickly exclude from the data exchange chain.
The TOOP project’s solution meets all of this data protection requirements. TOOP IT infrastructure has been designed from the ground up to ensure that it supports and facilitates GDPR compliance.