We'll give you a straight answer.
Network-Wide Privacy Controls
General Data Protection Regulations cover personally identifiable information on European Union (EU) citizens. GDPR goes into effect May 25th,2018 and affect organizations in the EU and most other countries including the US.
Many software vendors claim their solution is GDPR compliant but the buyer should be cautions, because there are lots of exaggerated claims of compliance written by marketing folks.
Privacy Protection Driven By "Purpose"
Protection is not only encryption. Protection is also about “privacy” that is driven by the “purpose” for data access. To be GDPR compliant, access to personal data must be based on the “purpose” for data access.
Here are three (3) specific GDPR clauses where vendors should be questioned on how their solution ensures compliance:
Chapter 2, Article 5 (1c): “adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’):
Chapter 2, Article 5 (1e): “kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed:
Chapter 4, Article 25 (2): “The controller shall implement appropriate technical and organisational measures for ensuring that, by default, only personal data which are necessary for each specific purpose of the processing are processed.
Jenyta protects personal data privacy and security by restricting data access based on the minimum necessary for each specific “purpose” for processing (based on the tasks to be performed). We do this with 11 privacy protection layers plus proprietary encryptions.
Click here for a short video on privacy vs. security.