breadcrumb

Legal challenges in data protection

Different industries have very specific requirements for the protection of their sensitive data. With our many years of experience and our products and solutions tailored to your needs, we ensure that you always remain compliant and easily comply with data protection laws worldwide. Learn more:

General Data Protection Regulation (GDPR)

All companies that store or process data about EU citizens are subject to GDPR requirements. Pseudonymization is the only way to reduce the scope of GDPR for  the cloud or other third-party providers.

Data Residency

 

Many countries have enacted data protection laws concerning cross-border data transfers. Examples:

  • In China, the Chinese Cybersecurity Law stipulates that personal and business-related information must not leave the country.
  • The Russian Data Localization Rule says that data collected in Russia must stay inside the country.
  • In Australia, the Personally Controlled Electronic Health Records Act specifies that medical data cannot be processed outside the country.

Workers’ Council

Companies planning to implement IT systems that process employees’ information in Germany must get the system approved by the workers’ council. German law states that council members are responsible for ensuring the protection of employee data, especially if it is processed in cloud systems.

Personal Liability

 

The GDPR states that a company’s CEO is also personally liable for violations against data protection – not just the company itself. They also risk their personal assets. Data encryption has become state-of-the-art protection, so decision makers deciding against it will be liable if a data breach occurs.

International Data Protection Laws

Examples

  • The PCI Data Security Standard (PCI-DSS) 4.0 requires credit card data to be encrypted throughout its lifecycle.
  • The US HIPAA law stipulates that the confidentiality of patient data must be guaranteed.
  • Under the California Consumer Privacy Act (CCPA – similar to the GDPR), companies are obliged to ensure appropriate protection for consumer data about Californian citizens.

Discover more!

Read more about our industry solutions and success stories about Privacy Preserving Analytics:

Are you interested in one of our industry solutions or are you facing a special, individual challenge? Then feel free to contact us.