Data protection for every industry
Different industries have very specific requirements for the protection of their sensitive data. With our many years of experience, we can therefore offer you products and solutions that are precisely tailored to your needs. Find out more:
Banks and financial supervisory authorities around the world impose strict regulations governing the handling of sensitive finance and customer data. The laws are particularly stringent in Switzerland, Singapore and Luxembourg. PII data must not leave those countries or be stored in the cloud without the consent of the customer. The Open Banking Standard, based on the EU’s Payment Services Directive 2 (PSD2), also obliges banks to secure financial data made available to third-party providers via standardized APIs.
Financial supervisory authorities around the world enforce strict regulations governing the handling of sensitive finance and customer data. For example, in October 2019 Germany’s Federal Financial Supervisory Authority (BaFin) further tightened its data protection and cloud usage guidelines for capital management companies.
Medical data is considered critical and is therefore subject to EU GDPR requirements, Australia’s Personally Controlled Electronic Health Records Act or the US HIPAA. Insurance companies must abide by strict rules, especially when they outsource processes to third-party providers or create electronic patient files.
Special data protection laws in this area limit the use of the cloud or forbid it entirely:
- Section 203 of the German Criminal Code applies to public sector workers with security clearance.
- Germany’s federal directive on classified information comprises stringent regulations.
- Usage of the Office 365 cloud is seen as critical.
People subject to professional confidentiality, such as company auditors, must also observe a duty of care concerning their customer data in accordance with Section 203 of the German Criminal Code. This section stipulates that they can only use cloud applications if sufficient protection is in place.
Data protection in the healthcare sector falls under medical secrecy rules, also covered in Section 203 of the German Criminal Code, and comprises stringent requirements for people subject to professional confidentiality.
The EU GDPR, the Personally Controlled Electronic Health Records Act in Australia or the US HIPAA stipulate that personal data like patient information must be protected from misuse, especially if the data is stored in the cloud.
This industry processes masses of PII data every day during customer service and support processes. Companies storing this data in the cloud must comply with the EU GDPR or the California Consumer Privacy Act (CCPA), for example.
Future-oriented energy concepts with smart home devices and intelligent power meters oblige providers to implement clearly regulated data protection based on the EU GDPR.
The data must also be pseudonymized if providers undertake centralized analyses aimed at increasing energy network intelligence or maintaining supply availability.
With the increasing use of cloud-based systems and production processes, along with the EU GDPR coming into force, data protection is being taken more seriously. Companies wanting to take a responsible attitude to the way PII data in the cloud flows between employees, customers and suppliers need to adopt legally compliant encryption and pseudonymization.
Manufacturing / Trade / Logistics
In these days of Industry 4.0 and IoT, manufacturing sites and their machines are becoming increasingly connected – and collect data both autonomously and automatically. As machine data may include PII data, especially if the device collects information about users, the EU GDPR applies here too. This can get particularly critical if machine data can be associated with a particular employee.
Find out more about our solutions for Privacy Preserving Analytics and legal challenges: