This may sound a bit crazy, but is there a way to protect sensitive data from programmers while there are developing the application? (sounds crazy because the programmers has to see the data). For example, we are compiling social data of staff like family components, relationships, members income, health issues, etc. Management want to protect the data from IT support techs that will support this apps and from programmers that will be developing the apps. If there is no way, and IT has to see all the data, what can a company do to manage this situation where very sensitive data is projected to in the system?
What we have come up with is using dumb data (not real data) for developers to create the applications. We will use this data from creation up to validation stage. In data import, the tech responsible has to see this data (so here must be some sort signed agreement) in the support stage since the tech has to see the problem, they have to see data but will not have a test environment with real data.
What u guys think? - any Experts with this type of experience fully appreciated you input