Industry Leaders Develop First Blockchain-based GDPR Solution
BDO USA, Intel, and Microsoft Collaborate with IntraEdge to Launch GDPR Edge
BDO USA, LLP and IntraEdge announced a strategic collaboration to support the launch of GDPR Edge™, powered by Intel® Software Guard Extensions (SGX), delivering a blockchain-based solution for the forthcoming General Data Protection Regulation (GDPR). Intel® Software Guard Extensions (Intel® SGX) is an Intel® architecture extension designed to increase the security of application code and data. Marking the biggest change to European Union (EU) data protection laws in twenty-plus years, with extra-territorial scope, the GDPR is intended to provide additional protections for individuals in the EU while imposing heavy fines for non-compliance. BDO is the first organization to integrate GDPR Edge into its governance, risk, and compliance advisory services. Microsoft has also joined in promoting the technology partnership and product launch.
GDPR Edge is geared toward highly complex environments with an array of data sources, customer touch points, and multi-point-of-sale (POS) systems, often found in retail, hospitality and technology industries. It helps operationalize GDPR obligations on an ongoing basis. By enabling organizations to view disparate transactional data in a centralized location and simultaneously providing an external consent mechanism for consumers, GDPR Edge integrates GDPR into business processes, mitigating risk and streamlining compliance efforts.
The solution also helps support the rights of data subjects, a fundamental requirement of the new regulation. Its easy-to-use portal allows individual data subjects to review their collected personal information, modify it, or request its removal. If the individual makes an update to their personal information within the portal, it kicks off a series of automated workflows on the back-end that record those changes and then communicates confirmation that the requested changes have been made back to the individual.
“This centralized repository can be made available to data protection authorities, auditors and data governance professionals, as well as any other data collector or processor, meaning increased accountability, information transparency, accuracy, efficiency and auditability,” says Stephanie Giammarco, Partner and National Leader of BDO’s Technology and Business Transformation Services practice. “Sweeping regulation calls for a stepped-up approach to information management, and we’re excited to couple this tool with BDO’s extensive governance, risk and compliance capabilities to provide clients with a suite of GDPR compliance services.”
Companies are already integrating and using the GDPR Edge platform ahead of the May deadline. As one of the early adopters of the GDPR Edge solution, CrossFit, Inc. COO Bruce Edwards said, “At CrossFit, we take the privacy of our customers’ data very seriously. We are happy to be an early adopter of the GDPR Edge technology.
Leveraging Hyperledger Sawtooth’s distributed ledger technology, GDPR Edge enables trusted governing parties to keep accurate records, while providing consumer access and transparency. The solution is enhanced by BDO’s holistic approach to data governance and privacy, as well as the firm’s extensive auditing capabilities.
As a supporter of the GDPR Edge platform, and as a trusted partner to Intel and BDO, Microsoft has partnered in positioning the technology to enterprise adopters. This includes leveraging its Azure platform and Business Intelligence offerings to transform the GDPR requirements into an enterprise value extension for Microsoft clients.