A New Era in Data Protection
Europe's new General Data Protection Regulation (GDPR) takes effect in May 2018, introducing new protections for individuals and new obligations for companies that collect, use, or process EU citizens' personal information. Given the heavy fines that can result from violations, GDPR compliance should be a top priority for every organization that does business in Europe.
Unlike previous European data protection laws, the GDPR applies to any company that collects or processes the personal information of EU citizens, even if the company is headquartered outside the EU.
The law includes significant new mandates for data controllers (companies that collect personal information on EU citizens) and data processors (companies that store, transmit, or process data on behalf of data controllers):
- Companies must obtain active consent before collecting or processing personal data
- Individuals can request that their personal information be deleted from a company’s database, and can request copies of their data in a portable format
- Companies must notify authorities and affected individuals within 72 hours of a data breach, unless the compromised data is protected by encryption or similar measures
- Each company must appoint a Data Protection Officer to oversee GDPR compliance
- Companies must build data protection into their products and services “by design and by default”
Supervisory authorities will have the power to fine organizations as much as 4% of their annual top-line revenue for violations, and may impose heavier auditing and reporting obligations after a violation.
Meet GDPR Requirements with Smartcrypt
PKWARE’s Smartcrypt can help any organization secure its sensitive data and meet the GDPR's demanding standards for data protection. Smartcrypt delivers persistent strong encryption and intelligent data discovery, ensuring that only authorized users can access data, even when it is shared outside an organization’s network.
Unlike other encryption solutions, Smartcrypt encrypts data the moment it is created or saved. Once Smartcrypt encryption is applied, it stays with the data even when it is copied or moved to other user devices, file servers, or external systems.
Data Protection by Design
Smartcrypt provides strong encryption, along with innovative data discovery functionality that identifies and protects data on user devices and network storage locations. Organizations can use Smartcrypt to secure their sensitive data and demonstrate compliance with GDPR mandates.
|Security of data processing (Article 32)||Organizations must be able to demonstrate they have taken “appropriate technical and organisational measures to ensure a level of security appropriate to the risk,” including encryption of personal data.|
|Data breach notifications (Article 34)||Organizations must notify supervisory authorities and affected individuals within 72 hours of a data breach. However, organizations are exempt from the requirement to notify individuals if the stolen data is protected with encryption.|
|Data protection by design and by default (Article 25)||Organizations must “adopt internal policies and implement measures which meet in particular the principles of data protection by design and data protection by default.”
These principles should be considered when “developing, designing, selecting and using applications, services and products.”
Smartcrypt is designed for maximum flexibility, allowing organizations to implement solutions that meet their unique data protection requirements.
The Smartcrypt client application is installed on each device that will be used to access or store sensitive information. The application can be used to encrypt files, email messages, structured data, and other forms of data on any enterprise operating system. The web-based Smartcrypt management console lets administrators create and apply encryption policies across the entire organization. In addition, the Smartcrypt software development kit lets organizations build strong encryption into their proprietary applications with only a few new lines of code.
Unlike solutions that increase file sizes after encryption, Smartcrypt uses PKWARE’s industry-best compression technology to reduce data volumes before encryption, resulting in lower costs for data storage and transmission.
A detailed look at how the GDPR will change cybersecurity practices around the world.
See how Smartcrypt can help your organization protect its data and comply with the GDPR.
One of our experts will contact you shortly to discuss how to protect your data everywhere it goes.