GDPR-compliant data protection based on full depersonalization
When we talk about data leaks, it mostly means that someone got an access to a database and downloaded all the information. And no matter if it's a bank or a huge social network - any server with its databases has weak points: from infrastructure and system problems to a simple human factor. Until the data is valuable, it's under risk.
In QRepublik we came to a thought: what if the data is not valuable? The weak points of the servers can give an access to the data but if this data is just worthless (in our case - not personalized) it is not a leak as there is nothing private and it doesn't cause any threats to the owner of the data. As a simple example, an information that John has diabetes is valuable data but in case of depersonalization a nameless "diabetes" without any connection to John is just a word not meaning anything private or personal.
With this, we developed QRepublik Key - a system for medical IDs that completely depersonalizes personal data inside the system making it just worthless for stealing. But in case of ID usage the separated blocks of personal information merge together into a profile by an external key kept inside the QR-code and play a lifesaving role.
QRepublik keeps multiple bricks of information which do not merge into anything personal - only unlinked pieces of data with no personalization
The only way to assemble a profile is a QR-code that is in the ID or a part of login which QRepublik does not keep inside
Even the bricks of data are encoded with a key, kept inside a relative brick