AxonIQ is a software platform provider for event-driven micro-services systems. The Amsterdam-based company has unveiled their GDPR compliant Module for data erasure in event-driven systems.
The GDPR is a strict data protection compliance regime for the European Union which will come into effect on 25 May 2018. Article 17 of the GDPR provides any individual the right to request erasure of their data in reasonable time from an organization that holds it. The organization is then responsible to ensure the data is deleted from all relevant sources. The GDPR also established heavy fines and penalties for non-compliance.
The AxonIQ module enables organizations to maintain compliance of Article 17. It does this by implementing ‘cryptographic erasure,’ or ‘crypto-shredding.’ Cryptographic erasure erases data by deleting the key required to decrypt it. This means that any copies of the data are simultaneously erased also.
AxonIQ’s module ensures personal data is stored in an encrypted form to comply with GDPR ‘processing of personal data requirements’. Also, data is deleted via the module’s API ensuring easy implementation in a company’s in event sourced applications.Important for the GDPR data protection officer might be the fact that cryptographic erasure of storage media is approved by storage security standards NIST SP 800-88 Rev 1 and ISO/IEC 27040:2015.
The company held a webinar to explain its software and respond to questions.By Grace Appleford, Research Analyst for Holland Fintech.]]>