Testing and development with high quality test data is essential to deliver state-of-the-art software solutions. As there are many questions about which data is allowed as test data, The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP) included frequently asked questions from organizations about testing.
“That is not recommended. Testing is a complex process, requiring care and multiple separate environments. Testing with personal data involves risks.
The people you process personal data from do not expect you to use their data for testing purposes. This means, among other things, that you must have a separate basis for testing.
Furthermore, it is often not necessary to test with personal data, because alternatives are available in the market. That is one of the reasons why testing with personal data is difficult to reconcile with the GDPR.
Only at the end of a development and testing process (when you deploy to production), you can read personal data into the new system during the transition or conversion. And that processing must also be done very carefully.”
“You can explore the availability of synthetic data or mock data and always make sure that the dataset you want to use does not contain personal information.
For example, the National Identity Data Service offers a range of test citizen service numbers.
Do you want to test whether a new system or application generates the same results as the old system or application? Also then, you can often use test data in both applications.”
Our Syntho Engine is optimized for generating synthetic data with AI for test data purposes. This offers many organizations an easy and fast solution to generate compliant production-like test data.
Interested? Feel free to contact our experts, to schedule a demo or to join our synthetic test data webinar.
Discover more about the Dutch Data Protection Authority here.