How can Optimal IdM help you with GDPR?

Discover how an identity management solution can reduce headaches by centralizing all the identities and personal information you manage to fewer locations.


What is the GDPR?

The General Data Protection Regulation or GDPR is the European Union’s (EU) strengthen data protection rule covering all citizens of the EU. It gives control of their personal data back to the individual as well as restricting it’s transfer outside of the EU. The GDPR unifies the regulations across Europe and is applicable without any action by individual countries. Violations can result in fines of 20 million Euros or 4 percent of worldwide revenue, whichever is greater, so the regulations have gotten the attention of businesses. It replaces the old Data Protection Directive and goes into effect on May 25, 2018.

There are many sources of information available on the Internet by searching for GDPR. Here is the official publication of the regulations by the EU.


How does GDPR impact Optimal IdM and its customers?

Our software acts a broker between identity providers and relying parties. We do not store or maintain personal information in our software. The amount of encrypted information passed during this authentication exchange is a function of the relying provider request. For our on-premise clients and installations, all the transactions and data are controlled internally by the client and Optimal IdM does not add any vulnerabilities, additional data stores, or outside processing. For cloud services customers, it is a little more complex. The Internet operates without regards to international borders, so an EU citizen’s authentication request may transverse the EU boundary, depending on locations. Our cloud customers will need to consider that potential in their data mapping and risk assessment processes.

How is Optimal IdM preparing for GDPR?

Optimal IdM has many clients with operations in the EU, so we are on the path to compliance. We have completed our initial data mapping work and understand the steps needed for full compliance. As necessary, Optimal IdM will enter into data protection agreements as a data processor for any client doing business in the EU. Optimal IdM only utilizes state-of-the-art datacenters, operated by internationally recognized providers. The datacenters we utilized are configured with the highest possible security and audited annually.

sign on

How can Optimal IdM help you with GDPR?

An identity management solution can reduce headaches by centralizing all the identities and personal information you manage to fewer locations. Personal information does not need to be stored in numerous applications and databases across your company. Reducing your identity stores will make user management easier and more efficient while lowering inappropriate disclosure risks. With our software acting as a middleman, access to a data store is restricted only to our software. And for consumer identities, you no longer need to maintain your own repository of personal identity information. Optimal IdM software can utilize social media identities; such as Facebook, LinkedIn, or Google to verify authentication before granting access to your web site.