The paper deals with the certification of software products for qualified electronic signature and seals (hereinafter QESS), audit performance, methodology, legislative requirements and changes were brought to this area by EU No. 910/2014 (eIDAS) and Act No. 272/2016 Z. z. about credible services. Electronic signature is gradually becoming a part of our everyday life. An inseparable part of this broad issue are the software resources for QESS, including their security and credibility. The paper will address some issues of security and credibility, certification, deployment, and operation.

The presentation will discuss the Act on deletion / oblivion of data in the information system as requested by the data owner. Seemingly clear request can have fatal procedural and technical consequences for information system providers. Is the “denial of service” scenario utopian?

The most valuable thing we own

Why not to miss the presentation?
It will be the art of impossible. And it will be expensive. It is a real challenge to combine protection of company needs with non violation of the privacy at the same time. Join the discussion, together we can think better.

Executive Summary:
Today close attention is paid to privacy and personal data protection. The existing legislative measures, as well as measures  under preparation, will represent an increasing burden for companies and for the government. However trends in information systems development are moving in a direction, that fulfillment of legislative obligations is getting more and more complicated or impossible. It will be expensive to find a solution to protect the company’s interest and in the same time not to violate privacy (personal data).

Good intention and technological design are necessary but insufficient elements to make a project successful. It is necessary to prepare and think about, prior to commencement of a project, further supporting tools such as motivation of own employees when the project is launched and preparation of target group of users (professional preparation, motivation, communication). It is important to think about the right time to launch and operate a project. It is necessary to be prepared for a sufficiently long transitional period, during which the project users learn the new procedures and get accustomed to them. The importance of communication with future users when solving problems of operation (helpdesk and its capacity and professionalism). Two different groups of users and mastering of two new electronic services will be compared in the examples.

Technology, tools and processes of an IT project must correspond to the intention of the project. They must not block, restrict or slow the project down. They must improve, accelerate and make the existing processes more effective. I will emphasize the differences in technology, tools and processes upon implementation of similar projects in the state and private sector. I will present examples of limits and differences in laws applied to the private and state sector and  their impact on the execution of projects.
A project of electronic services must be based on a proof of cost-effectiveness from the beginning. I will point to the influence of attractiveness, legislation and technology on the effectiveness and return on investment. Electronic services should not be perceived only as an "automation" process of the existing hard copy processes. That way will not bring any improvement, on the contrary, application of new technology will overprice the whole execution. New technology = new processes = change of attitude and thinking of employees and users is the prerequisite for simplification of the whole system and efficiency of implementation.