Data Breach Notification Laws

Thales eSecurity’s Vormetric Data Security Platform enables safe harbor from data breach notification laws and fines

Global Map

Regulation

Active now

Protecting You from Data Breach Notification Requirements

Data breach disclosure law notification requirements following loss of personal information have been enacted by governments around the globe. They vary by jurisdiction, but almost universally include a “safe harbour” clause.

Thales eSecurity can help protect from the consequences of a data breach through a data-centric focus on security around personal information, including:

  • Encryption of personal data wherever it resides;
  • Policy-based access controls;
  • Monitoring data access to detect compromise.
Data Breach Disclosure Laws Widespread

National data breach disclosure laws include the UK Data Protection Act, EU General Data Protection Regulation (GDPR), South Korea’s Personal Information Protection Act, Australian Privacy Act and others.

Prevention of Data Breaches a Complex Task

Data breach protection and prevention is not as simple as implementing hardware level disk encryption or OS level encryption within systems. Attacks are increasingly able to penetrate perimeter defenses, compromise accounts, and mine data without targets even being aware of the attack. With this kind of activity, simple encryption schemes won’t prevent a data breach – attackers will access accounts that allow them to decrypt and extract personal data. Driving this are criminal groups willing and able to pay for stolen personal information that has direct monetary value.

Data Breach Protection Requires a Data-Centric Focus

A data-centric focus on preventing the loss of personal information in order to comply with data breach disclosure laws requires:

  • Encryption of personal data wherever it resides – including file systems databases, web repositories, cloud environments, big data environments and virtualization implementations.
  • Policy-based access controls to assure that only authorized accounts and processes can see the data.
  • Monitoring of authorized accounts accessing data, to ensure that these accounts have not been compromised.
Thales eSecurity Provides Key Components of the Solution

Thales eSecurity's Vormetric Data Security Platform provides key components of the solution to implementing data-centric security. These include security controls that enable organizations to safeguard and audit the integrity of customer records and information against a broad range of threats against data. Thales eSecurity data breach protection solutions are transparent to existing operating processes and applications for rapid implementation of protection from data breaches.

This single platform solution to multiple data breach protection needs helps organizations meet compliance requirements with low TCO and an easy-to-deploy, centrally managed infrastructure and solution set.

Vormetric Transparent Encryption

Vormetric Transparent Encryption from Thales eSecurity provides file and volume level data-at-rest encryption and integrated, secure key management with a best practices implementation. Access controls and data access monitoring information extend protection from data breaches by limiting data access to only personnel and programs authorized to do so. The same data provides the security intelligence information required for the Security Information and Event Management solution to identify accounts that may represent a threat because of a malicious insider, or a compromise of account credentials by malware.

Vormetric Application Encryption

Vormetric Application Encryption from Thales eSecurity adds another layer of data breach protection, enabling organizations to easily build encryption capabilities into internal applications at the field and column level.

Vormetric Key Management

Vormetric Key Management from Thales eSecurity enables centralized management of encryption keys for other environments and devices including KMIP compatible hardware, Oracle and SQL Server TDE master keys and digital certificates.

Research and Whitepapers : Bloor for the EU’s new data protection regulation, encryption should be the default option

There are many regulations and industry standards that require that stringent safeguards are applied to personal and sensitive data...

Download

Other key data protection and security regulations

GDPR

GDPR Thumbnail

Regulation

Active Now

Perhaps the most comprehensive data privacy standard to date, GDPR affects any organisation that processes the personal data of EU citizens - regardless of where the organisation is headquartered.

Learn More

PCI DSS

GDPR Thumbnail

Mandate

Active Now

Any organisation that plays a role in processing credit and debit card payments must comply with the strict PCI DSS compliance requirements for the processing, storage and transmission of account data.

Learn More

Data Breach Notification Laws

eIDAS

Regulation

Active now

Data breach notification requirements following loss of personal information have been enacted by nations around the globe. They vary by jurisdiction but almost universally include a “safe harbour” clause.

Learn More
Contact a Compliance Specialist Contact Us
Are you fit for GDPR Take our readiness assessment now
Read the Compliance and Regulations Solutions Handbook Read the eBook

Related Solutions

Data Residency

There are more than 100 national data privacy laws on the books. Global enterprise, SaaS vendors and cloud-solution providers need to be aware how to meet data residency requirements in their environment.

Learn More

GDPR

Perhaps the most comprehensive data privacy standard to date, GDPR affects any organization that processes the personal data of EU citizens - regardless of where the organization is headquartered.

Learn More

eIDAS

The eIDAS regulation has been developed to establish a single European market for secure electronic commerce, impacting any organization that handles online transactions with EU citizens.

Learn More
Vormetric Encryption delivers what we need it to do – without any fuss or drama – knowing it’s in place is one less thing to worry about. Albert AvilaBusiness Solutions Specialist, Fujitsu America, Inc.
Thales eSecurity is our standard. Whenever an encryption solution is needed, the answer is always, ‘let’s start with Thales eSecurity. Damian McDonaldVice President of Global Information Security, Becton, Dickinson and Company
There is absolutely no noticeable impact on the performance or usability of applications. I am very excited at how easy the solution is to deploy and it has always performed flawlessly. Christian MuusDirector of Security for Teleperformance EMEA
Implementing Vormetric has given our own clients an added level of confidence in the relationship they have with us; they know we’re serious about taking care of their data. Audley Deansenior director of Information Security,
BMC Software
Vormetric’s approach of coupling access control with encryption is a very powerful combination. We use it to demonstrate to clients our commitment to preserving the security and integrity of their test cases, data and designs. David VargasInformation Security Architect
Cadence Design Systems
My concern with encryption was the overhead on user and application performance. With Thales eSecurity, people have no idea it’s even running. Karl MudraCIO
Delta Dental of Missouri
The Vormetric solution not only solved all of our encryption needs but alleviated any fears of the complexity and overhead of managing the environment once it was in place. Joseph Johnson,chief information security officer CHS
As a global payment solutions and commerce enablement leader, Verifone’s strategy is to develop and deploy “best in class” payment solutions and services that meet or exceed global security standards and help our clients securely accept electronic payments across all channels of commerce. We selected Thales HSMs to provide robust security, unmatched performance and superior scalability across… Joe Majka,Chief Security Officer
Watch our interactive demo Explore
Schedule a live demo Schedule
Get in contact with a specialist Contact us