Users stay retain control over their data

Why we did this project?

Univé is an insurance company that approached us to help them with a seemingly conflict of interests. They wanted to offer better services but that required them to know more about their clients. Clients in return turned out to be unwilling to share more information without a clear understanding of what and why. How could Univé offer more services while still respecting their client’s privacy?

This was a fitting problem for Information Minimisation approach. Information Minimisation is a concrete example of a value within our Software Ethic. We value the minimisation of information sharing within processes because it prevents problems. It ensures the protection of the user’s privacy, it keeps the user in control, it minimizes security risks, it is cheaper, etcetera.

Our approach

We started by explaining to Univé that when starting from their process, and adhering to the information minimisation principle, they could offer more services while keeping clients in control of their data. It required them to take a different perspective. Instead of copying data to their own systems Univé should focus on a system around rights to access certain data. In other words, a contracts oriented system instead of a data oriented system. This made it easier for the client to understand and accept Univé’s proposal.

The difficulties of building software like this

Copying data to your own servers and extracting information yourself is a kneejerk reaction within the IT community. In the past it was necessary to first collect data since you couldn’t access it in real time. But technical advances made this requirement obsolete. You can get the data from the source when you need it. Similar to the fact that we don’t need CD’s anymore. We can all stream music from the same source when we want to.

The benefits of process driven development

To understand what Univé wanted to achieve, and how they planned to do so, we had to start with their processes. Analyzing how they could go from their current situation to their desired situation with as little effort as possible. This includes as little information sharing as possible. Using traditional software engineering approaches would have never resulted in a clear overview what was needed, since that starts at the implementation level and stops before the process level is reached.

What we learned

This project surprised both Univé and ourselves in two major ways. First of all it was stunning to see how little information is actually needed to execute a process. Blinded by old habits experienced software professionals quickly resort to collecting lots of data without really knowing what they need it for. Rigorously enforcing ourselves into thinking about contracts- instead of data systems really opened our eyes onto a whole new perspective.

Secondly it surprised all parties that the contracts based system turned out to be more user friendly. One simple example was sharing one’s address. Instead of filling it out users could simply sign a simple contract (e.g. mark a checkbox) after which Univé could retrieve the address data from a data provider.

You can benefit too

It is crystal clear that a process based approach in building contracts based systems, while adhering to the Software Ethic, results in superior systems. For both companies and users. This approach is not domain specific and applicable to every business process.

This successful project proved that our approach is sane and provided us with some additional insights we will use in following projects. It is enlightening to realize our unique approach serves both our customers and their customers.