GDPR Edge is a collaboration between BDO USA, LLP and IntraEdge, powered by Intel® Software Guard Extensions (SGX), delivering a blockchain-based solution for the General Data Protection Regulation (GDPR). It brings Blockchain security and data lake architecture to the unique data privacy requirements of the GDPR. Specifically, GDPR Edge allows companies to provide data subjects with the ability instantly see any data a company has tied to them. It also enables an automated and auditable series of events to accept and process requests to forget, contest and transfer that data.
Data Lake at the Core
The GDPR Edge platform accomplishes all of this by ingesting data from any API-driven data source into a centralized data lake, deployed either in a multi-tenant environment or on a company’s own cloud or premise environment. GDPR Edge then provides portal views into that data lake for the data subject, the auditor, and a company’s own administrators, staff and DPO. Companies can then leverage this data lake as a central repository of all customer data and interaction, opening up the ability to employ modern business intelligence tools to create value where it never existed before
Visible Compliance: Integration Anywhere Data Is Collected
GDPR Edge also integrates with any interaction point where a company may be collecting information from data subjects. These can include digital interactions through a website, e-commerce, email marketing or mobile apps, as well as physical interaction points such as a physical point-of-sale, kiosk, or trade show interaction. All of these interactions produce data transactions which are fed into the data lake and matched to the appropriate data subject record using easy-to-deploy transaction IDs and direct integration methods. In this way, GDPR Edge enables any company to be visibly and conspicuously compliant with privacy at every interaction.
Secured and Auditable by a Blockchain
Leveraging Hyperledger Sawtooth, GDPR Edge creates a trusted record of all data subject access requests (DSARs), time-stamped and immutable, along with all mitigation steps by a company to fulfill that request. Complete with a workflow engine and straightforward GDPR reporting, GDPR Edge provides an out-of-the-box solution to accept and process DSARs in a way that stands up to third-party scrutiny.
Scalable and Extensible through Automation
For companies that expect only a few DSARs, to those bracing for tens of thousands per year, the GDPR Edge platform can support a largely manual effort or fully automate your DSAR mitigation operations. With automation available natively in the platform and through APIs to unlimited back end systems, GDPR Edge can grow with any company as its policies and needs change over time.
Implement in Days and Automate Over Time
The GDPR Edge platform has flexible implementation options. Many companies have complex long-term system requirements but relatively simple needs in the short-term. GDPR Edge allows any company to activate the platform within days, enabling fast access to visible and conspicuous compliance. A quick-start implementation may include a single system integration paired with some manual workflows but still brings the immediate power of all the ledger, task management and reporting elements of the solution.
GDPR Edge is both a powerful solution that proficiently serves complex organizations and an easily implemented alternative to manual DSAR processes; enabling companies to quickly demonstrate their compliance and automate the ongoing impact of the GDPR access requests.
If you would like to learn more about “How to turn Proper Data Management into a Competitive Advantage” download our whitepaper below.