By Tim Nelson, CIO Farm Health Guardian
It’s hard to overstate the importance of data security in agriculture technology (agtech). When it comes to personal or sensitive data, keeping data secure is critical to prevent theft, reputational harm, misuse of information, modification or improper disclosure.
The Farm Health Guardian system is designed to ensure protection of any data from being used for any purpose other than disease management. And a data breach would have a devastating impact for our company. In fact, nearly one in eight small businesses will be forced into bankruptcy this year, all because of a cyber attack. On top of this, one study found that 60% of all companies that suffer a data breach are forced into bankruptcy within six months1.
It’s for all of these reasons that Farm Health Guardian takes a security by design approach and uses the strictest measures to protect user data.
Farm Health Guardian is compliant with the General Data Protection Regulation (GDPR), which is the toughest privacy and security law in the world.
Farm Health Guardian is compliant with the General Data Protection Regulation (GDPR), which is the toughest privacy and security law in the world. Though it was drafted and passed by the European Union (EU), it imposes obligations onto any organization anywhere that collects data related to people in the EU. Put into effect in May 2018, the GDPR will levy harsh fines against those who violate its privacy and security standards, with penalties reaching into the tens of millions of euros2.
The Farm Health Guardian (FHG) system helps protect livestock and poultry farms from disease spread by recording visitors to farm properties registered on the system by our clients. Only movements in and out of properties protected by FHG are recorded through our app, GPS devices, or vehicles that have linked their GPS with our system. Nothing else is recorded in the system.
It’s not enough just to say we’re GDPR compliant. We have to be able to demonstrate it. Among the ways we do this are:
- Designated data protection responsibilities for the team
- Detailed documentation of the data we’re collecting, how it’s used, who has access, who is responsible for it, and more
- GDPR training for all team members
- An appointed team member as the Data Protection Officer
As a staff team we regularly conduct ‘mock’ data breaches. During these sessions the team works through a hypothetical breach, and most importantly, ensures the measures are in place to prevent a real-life breach.