Fortanix External Key Manager for Google Cloud Platform Enables University of Groningen Overcome GDPR and Schrems II Compliance Challenges for Private Healthcare Data

Deployment in less than a week and complete control of keys help customer quickly achieve needed European data sovereignty and compliance
MOUNTAIN VIEW, Calif., August 18, 2022

Fortanix® Inc., the pioneer in data-first multicloud security and Confidential Computing, today announced that its External Key Manager paired with Google Cloud Platform (GCP) is helping customers in Europe, and around the world, create, store and manage encryption keys outside of the public cloud in a seamless manner.

The capability, delivered as a service, is a part of Fortanix Data Security Manager (DSM), resulting from its partnership with Google. It allows security-conscious customers to derive benefits from the power of Google Cloud Platform and Fortanix’s best-in-class, modern external key management system to comply with strict privacy regulations such as GDPR and Schrems II in Europe, taking a data-first approach to the solution.

Fueling Research on Sensitive Healthcare Data

The University of Groningen is a large, prestigious public university in the Netherlands. The university is pioneering behavioral research in populations of people suffering from mental illnesses and brain diseases using smartphone based behavioral data.

Handling sensitive healthcare data requires a very strong security and privacy posture and entails handling large volumes of sensitive and private healthcare data, which is stored in Google Cloud Platform (GCP).

“We were looking for a vendor selected by Google Cloud as a trusted provider of encryption services that could integrate directly with Google Cloud Platform,” said Raj Jagesar, University of Groningen. “Fortanix met this criterion and stood out as the vendor of choice with the most mature operational dashboard for independent management of keys.” Jagesar continues: “Equally as mature was the modern application programming interface (API) of the solution which enabled us to integrate and deploy Fortanix DSM SaaS in less than a week.”

Fortanix Data Security Manager delivers powerful capabilities including:

  • Multiple Key Storage and Security Options: The ability to store and protect encryption keys in the cloud or on-premises with FIPS 140-2 Level 3 HSMs.
  • Kill Switch: Fortanix offers a kill switch where an administrator can simply disable the key used and new queries for datasets associated with the Fortanix key are prevented from being accessed.
  • Enforce Access Policies: Enforce access to data at rest for Google services like BigQuery and Compute Engine.
  • Cloud Encryption Key Backup and Disaster Recovery: Back up, restore, and re-import master encryption keys for public cloud KMS.
  • Cloud- and DevOps-Friendly APIs: All security functions are supported as RESTful APIs for easy integration to cloud-native tools and technologies.
  • Compliance with Regulations Globally: Helps meet compliance with regulations like GDPR, CCPA, Schrems II, HIPAA etc., and data sovereignty laws around the world.

"Separating keys from data and ensuring that no single entity can compromise this equation, is required to meet the highest level of compliance. Europe is at the forefront of regulating and enforcing these requirements to protect privacy. Fortanix's technology and partnership with the power of Google Cloud Platform helps customers tackle GDPR and Schrems II challenges head-on," said Faiyaz Shahpurwala, Chief Product and Strategy Officer at Fortanix. "Regions around the world have separate and distinct privacy requirements, and we're proud to enable our customers with the highest level of compliance in Europe, which has some of the strictest data protection regulations, as well as globally."

Fortanix External Key Manager for GCP is available today; sign up for a free 30-day trial. For more information:

About Fortanix:

Fortanix secures data, wherever it is. Fortanix helps businesses of all sizes to modernize their data security solutions on-premises, in the cloud and everywhere in-between. Enterprises worldwide, especially in privacy-sensitive industries like healthcare, fintech, financial services, government, and retail, trust Fortanix for data security, privacy and compliance. Fortanix investors include Intel Capital, Foundation Capital, Neotribe Ventures, and In-Q-Tel. Fortanix is headquartered in Mountain View, CA For more information, visit

Fortanix and Runtime Encryption are registered trademarks of Fortanix, Inc. Fortanix Data Security Manager is a trademark of Fortanix, Inc. All other marks and names mentioned herein may be trademarks of their respective companies.
FIPS 140-1 and FIPS 140-2 TM: A Certification Mark of NIST, which does not imply product endorsement by NIST, the U.S. or Canadian Governments

Share this post: