General Data Protection Regulation (GDPR)

Comprehensive Data Protection Platform for GDPR Compliance

Overview

The General Data Protection Regulation (GDPR) is considered one of the most stringent privacy and security laws in the world. The regulation came into effect on May 25, 2018. It was drafted by the European Union (EU).

The GDPR applies to any organization even if they are not present in the EU if they process personal data of EU citizens or residents or offer products and services in the region.
Fines for violating the GDPR are very high. With two tiers of penalties, which max out at €20 million or 4% of global revenue (whichever is higher), and an option for data subjects to seek compensation for damages.

In today’s data-centric world that is marred by constant data breaches and personalization of the web, individuals have been left wondering how their data is used and misused. GDPR can be best thought of as a legal framework to enforce effective, and practical data protection for personal data.

GDPR Diagram

WhatWe Do?

product-benefit-image
Encryption and Tokenization
Fortanix helps enterprises secure their sensitive data and achieve privacy compliance with a cloud-based integrated solution for Tokenization, Key Management and Encryption.
product-benefit-image
Quorum approval and Geo-fencing for keys
Fortanix Key Management Service supports quorum approval for multi-signature. Organizations can adopt policies based on the location of data with per key geo-fencing for compliance with GDPR.
product-benefit-image
Centralized tamper proof audit
Fortanix Key Management Service logs every action performed by data processors and the data controller into a centralized audit log. Integrate a data access audit trail to a corporate SIEM or similar platforms.

How Fortanix can help you meet GDPR compliance

benefits icon
Secure encryption keys inside FIPS Level 3 HSM appliance
Data can be encrypted anywhere, with the keys secured inside a FIPS Level 3 appliance which is always under control of the data processor, with RBAC controls, crypto policies, etc.
benefits icon
Fine-grained access controls for users and data
Only the authorized processor gets access to the required data and only for the duration for which a business case exists as required by GDPR.
benefits icon
Data Protection at-rest
Fortanix offers various products to help secure your data at-rest by enabling solutions such as Transparent Data Encryption for various databases, Cloud Key Management for server-side encryption for cloud native databases, in-flight transparent encryption to enable client-side encryption for clouds and SaaS along with hardened FIPS 140-2 Level 3 compliant key management.
benefits icon
Reduce scope of sensitive data and adopt privacy by design.
Certain kinds of personal data should be tokenized or anonymized for better privacy. Fortanix offers these features built in. Fortanix also offers data masking which allows organizations to mask sensitive data before they are processed, greatly reducing GDPR compliance surface.