General Data Protection Regulation (GDPR) Compliance

nCipher Security enables compliance with key provisions of the GDPR, strengthening organizations' security postures while helping them avoid financial penalties

Perhaps the most comprehensive data privacy standard to date, GDPR affects any organization that processes the personal data of EU citizens - regardless of where the organization is headquartered.

Thales eSecurity can help you comply with the critical GDPR rules in Articles 5, 32 and 34 related to:

  • The pseudonymisation and encryption of personal data;
  • The unauthorized access to personal data.

GDPR Overview

The General Data Protection Regulation is here. The GDPR is designed to improve personal data protections and increase organizational accountability for data breaches. With potential fines of up to four percent of global revenues or 20 million EUR (whichever is higher), the regulation certainly has teeth. No matter where your organization is located, if it processes or controls the personal data of EU residents, you need to be ready.

Specific Requirements

Some of the key provisions of the GDPR require organizations to:

  • Process personal data in a manner that ensures its security, “including protection against unauthorised or unlawful processing” (Article 5)
  • Implement technical and organizational measures to ensure data security appropriate to the level of risk, including “pseudonymisation and encryption of personal data.” (Article 32)
  • Communicate “without undue delay” personal data breaches to the subjects of such breaches “when the breach is likely to result in a high risk to the rights and freedoms” of these individuals. (Article 34)
  • Safeguard against the “unauthorized disclosure of, or access to, personal data.” (Article 32)

Strong Encryption Key Protection

Ensure that encrypted personal data remains unreadable, as defined by GDPR, by protecting encryption keys with FIPS-certified nCipher HSMs.

Authorized User Controls

Establish a secure and scalable PKI that helps ensure that only authorized users and devices have access to sensitive data. Using nCipher HSMs to help secure the process of issuing certificates and proactively manage private keys creates a high-assurance foundation for digital security.

Brochure: nCipher HSM brochure

nShield HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption and more. Available in three FIPS 140-2 certified form factors, nShield HSMs support a variety of deployment scenarios.

Other key data protection and security regulations

PCI DSS

Any organisation that plays a role in processing credit and debit card payments must comply with the strict PCI DSS compliance requirements for the processing, storage and transmission of account data.
