BDSG and CipherStash
CipherStash helps you meet your Bundesdatenschutzgesetz (BDSG) obligations by giving you identity-based access controls that keep your data encrypted even when in use.
How CipherStash helps with BDSG
Meet requirments for the German Federal Data Protection Act
Automatic encryption
Automatic encryption ensures that sensitive data is secure in-use, reducing the risk of unauthorized access.
Identity-based access control
Real-time identity-based access control enforces strict processing boundaries, allowing access only to authorized individuals.
Access logging
Data access can be managed via our fine-grained access controls tied to identity providers, ensuring that only personnel access sensitive data. Our logging of access supports accountability and traceability.
Pseudonymize sensitive data
Encryption can be used to pseudonymize sensitive data, making it accessible only in decrypted form to authorized individuals.
Dynamic access control
CipherStash’s enhanced encryption capabilities for sensitive data ensure compliance with stricter requirements for special categories of data (like health and biometric data). Our identity-based access control allows for dynamic management of who can access sensitive data based on role or necessity.
Reduce data breach cleanup costs
Encryption mitigates the severity of data breaches, as encrypted data without the decryption keys is not considered compromised under GDPR or BDSG. In the case of a data breach, our data access auditing reduces effort to prepare notification reports and improves accuracy.
Accountability and compliance documentation
CipherStash’s logging and audit features create a verifiable record of data access and processing, supporting accountability and compliance documentation.
Misuse resistance
CipherStash’s secure encryption ensures that employee data is stored safely. Real-time identity-based access control can enforce role-based restrictions, reducing the risk of misuse.
Start protecting your Postgres data
Get started by installing the NPM package, or get in touch to learn more.