Case Study

Medical Imaging Company Meets GDPR Compliance with Fortanix Enterprise Key Management Solution

hero image

Customer Profile 

The customer is a worldwide leader in AI-powered medical imaging, delivering powerful diagnostics to support optimal treatment decisions for improved patient outcomes. The customer uses Amazon Web Services (AWS) as their Cloud Service Provider (CSP).  

Industry

Healthcare

Use Cases

Compliance

Products

Fortanix  Logo

Data Security Manager

Download Case Study

Business Challenge:

  • The customer wanted to secure Personally Identifiable Information (PII) and Protected Health Information (PHI) for their EU business operations. This requirement comes in response to the General Data Protection Regulation (GDPR). 
  • The data being stored in the AWS cloud environment required sovereign control and ownership of their cloud encryption keys.
  • In this case, because AWS is a US-based company, under the US PATRIOT Act, the CSP could be compelled to hand over encryption keys to the US government, along with the stored PII/PHI data.
Business Challenge

Solutions

Fortanix Key Management Service
Fortanix Key Management Service

Fortanix offers a comprehensive Cloud Native Key Management Service for AWS, including Bring Your Own Key (BYOK) and Bring Your Own KMS (BYOKMS), with complete lifecycle management for automation.  The Fortanix platform is built on Confidential Computing technology, utilizing integrated FIPS 140-2 level 3 certified HSMs.

Software as a Service (SaaS)
Software as a Service (SaaS)

The Fortanix solution provides the customer with centralized control over the lifecycle of their keys, whether they are used on-premises or in the cloud. And, because the Fortanix solution is Software as a Service (SaaS), they did not have to deploy a complex key management solution themselves.

Data Tokenization
Data Tokenization

The customer has sole key custody. Neither Fortanix nor AWS can access the keys that protect the customer's data. This additional layer of security means that—even if requested under the US PATRIOT Act—the CSP would not be able to provide the data hosted in their environment.

Benefits

Benefits
Fast Business Expansion
Fast Business Expansion

With Fortanix Data Security Manager (DSM) SaaS, the customer can confidently operate and expand within the EU market without overhauling its existing cloud-first model.

Ensure Regulatory Compliance
Ensure Regulatory Compliance

They can comply with the GDPR’s requirements by ensuring that sensitive data, including PII and PHI, is encrypted, and that they have exclusive control over their encryption keys.

Mitigate Risk
Mitigate Risk

Compliance mitigates the risk of fines and legal issues, solidifies the company’s reputation for protecting customer data, encourages customer loyalty, and opens new opportunities in the European market.

Minimize Disruption
Minimize Disruption

Because the Fortanix solution integrates with the customer’s existing AWS environment, they were able to continue benefiting from the cloud’s agility, scalability, and cost-efficiency without re-engineering their solution for the EU market.

Easy to Deploy and Manage

The easy SaaS deployment of Fortanix DSM allowed the customer to implement the solution with minimal disruption. Moreover, the solution’s operational simplicity reduced the need for extensive training or specialized staff, avoiding the need to add staff.

Ready to start modernizing your data security infrastructure?

See how it happens on Fortanix.

Fortanix-logo

4.6

star-ratingsgartner-logo

As of August 2025

SOC-2 Type-2ISO 27001FIPSGartner LogoPCI DSS Compliant

US

Europe

India

Singapore

3910 Freedom Circle, Suite 104,
Santa Clara CA 95054

+1 408-214 - 4760|info@fortanix.com

High Tech Campus 5,
5656 AE Eindhoven, The Netherlands

+31850608282

UrbanVault 460,First Floor,C S TOWERS,17th Cross Rd, 4th Sector,HSR Layout, Bengaluru,Karnataka 560102

+91 080-41749241

T30 Cecil St. #19-08 Prudential Tower,Singapore 049712