Privacy Regulations – a Complex Authorization Challenge for Today’s Organizations

Efficient processing and sharing of information is essential in every organization. However, security often fails. This typically leads to either of two scenarios:

  • Data is locked away rather than being shared among colleagues and partners, which seriously reduces efficiency and/or results in loss of business.
  • Access to data is opened up for too many users, which can be a serious breach of the law.

Securely sharing records that include or refer to personally identifiable information (PII) represent a special challenge, as legal constraints differ between countries. In other words the complex issues for organizations operating nationally, such as a governmental agency, are multiplied for multinationals.

In this webinar we will look at how Axiomatics database security capabilities enable organizations to dynamically filter out relevant data from large data stores, based on a user’s purpose of use and authorization, and thus resolve privacy data sharing issues.

Topics discussed:

  • Authorization requirements for existing privacy regulations
  • New regulations such as the planned EU Data Protection reform; what can we expect?
  • Examples: filtering of large data sets based on authorization policies as a means to achieve regulatory compliance





Other Resources

The Convergence of Cloud, DevOps and Access Control
Security experts from industry-leading NTT DATA and Axiomatics are making a deep dive into migrating access control to the cloud. Follow the demonstration of how to set up a project for containerization using ALFA and Jenkins.
ABAC as code – Applying Modern DevOps to Policy Authoring
A DevOps approach to externalized business policy engineering can ensure modern CI/CD processes help IT adoption of access control policy authoring.
Taking an identity-centric approach to a modern security architecture
Federal agencies invest heavily in protecting data from external threat actors, but the insider threat problem requires a new approach to access control. While protecting data is paramount, that requirement must be balanced with the need to share certain information across a variety of use case scenarios within and across agencies/departments.