Industry Leaders Develop First Blockchain-based GDPR Solution

BDO USA, Intel, and Microsoft Collaborate with IntraEdge to Launch GDPR Edge

CHICAGO--()--BDO USA, LLP and IntraEdge today announced a strategic collaboration to support the launch of GDPR Edge™, powered by Intel® Software Guard Extensions (SGX), delivering a blockchain-based solution for the forthcoming General Data Protection Regulation (GDPR). Intel® Software Guard Extensions (Intel® SGX) is an Intel® architecture extension designed to increase the security of application code and data. Marking the biggest change to European Union (EU) data protection laws in twenty-plus years, with extra-territorial scope, the GDPR is intended to provide additional protections for individuals in the EU while imposing heavy fines for non-compliance. BDO is the first organization to integrate GDPR Edge into its governance, risk, and compliance advisory services. Microsoft has also joined in promoting the technology partnership and product launch.

GDPR Edge is geared toward highly complex environments with an array of data sources, customer touch points, and multi-point-of-sale (POS) systems, often found in retail, hospitality and technology industries. It helps operationalize GDPR obligations on an ongoing basis. By enabling organizations to view disparate transactional data in a centralized location and simultaneously providing an external consent mechanism for consumers, GDPR Edge integrates GDPR into business processes, mitigating risk and streamlining compliance efforts.

The solution also helps support the rights of data subjects, a fundamental requirement of the new regulation. Its easy-to-use portal allows individual data subjects to review their collected personal information, modify it, or request its removal. If the individual makes an update to their personal information within the portal, it kicks off a series of automated workflows on the back-end that record those changes and then communicates confirmation that the requested changes have been made back to the individual.

“This centralized repository can be made available to data protection authorities, auditors and data governance professionals, as well as any other data collector or processor, meaning increased accountability, information transparency, accuracy, efficiency and auditability,” says Stephanie Giammarco, Partner and National Leader of BDO’s Technology and Business Transformation Services practice. “Sweeping regulation calls for a stepped-up approach to information management, and we’re excited to couple this tool with BDO’s extensive governance, risk and compliance capabilities to provide clients with a suite of GDPR compliance services.”

“The deadline for GDPR compliance is fast approaching. There is a market opportunity for a ready-to-deploy solution that enables companies to operationalize some elements of compliance with the new regulation right into their business practices,” says Joe Jensen, Intel, VP of the Internet of Things Group and General Manager of the Retail Solutions Division. “As companies risk punitive fines up to €20 million or 4 percent of global revenue for the year, there is a very real impetus to ensure they can meet the standards of the new law, ideally without a costly overhaul of their data handling processes.” (Official Journal of the European Union 2016)1

Companies are already integrating and using the GDPR Edge platform ahead of the May deadline. As one of the early adopters of the GDPR Edge solution, CrossFit, Inc. COO Bruce Edwards said, “At CrossFit, we take the privacy of our customers’ data very seriously. We are happy to be an early adopter of the GDPR Edge technology.

Leveraging Hyperledger Sawtooth’s distributed ledger technology, GDPR Edge enables trusted governing parties to keep accurate records, while providing consumer access and transparency. The solution is enhanced by BDO’s holistic approach to data governance and privacy, as well as the firm’s extensive auditing capabilities.

As a supporter of the GDPR Edge platform, and as a trusted partner to Intel and BDO, Microsoft has partnered in positioning the technology to enterprise adopters. This includes leveraging its Azure platform and Business Intelligence offerings to transform the GDPR requirements into an enterprise value extension for Microsoft clients.

“The value of the GDPR Edge platform as it pertains to the changing regulatory environment and the importance of privacy within the global landscape cannot be overstated,” said Chris Dieringer of Microsoft, US Retail and CPG Industry Practice Leader. “This has been made clear by the market’s response to this unique, practical application of blockchain technology which operationalizes GDPR compliance.”

“GDPR presents extensive requirements and creates significant risk, and operationalizing GDPR is a significant challenge for merchants.,” says Jim Halpert, co-Chair of the Data Protection, Privacy & Security practice at DLA Piper, “I am encouraged that GDPR Edge offers a centralized operational solution to address key and difficult areas of compliance for merchants ahead of the May deadline.”

“Operationalizing compliance goes far beyond making sure processes are in order,” says Karen Schuler, BDO National Data & Information Governance Practice Leader. “With GDPR Edge, BDO is perfectly positioned to enable organizations to become compliant over the long term, to optimize the value of their data across the enterprise. As regulators across the world turn their focus to issues of data privacy, we’re thrilled to work together with Intel to help our clients adapt to the evolving regulatory environment and facilitate an unprecedented level of trust.”

Click here more information on BDO’s suite of GDPR compliance services.

About BDO USA

BDO is the brand name for BDO USA, LLP, a U.S. professional services firm providing assurance, tax, and advisory services to a wide range of publicly traded and privately held companies. For more than 100 years, BDO has provided quality service through the active involvement of experienced and committed professionals. The firm serves clients through more than 60 offices and over 550 independent alliance firm locations nationwide. As an independent Member Firm of BDO International Limited, BDO serves multi-national clients through a global network of 73,800 people working out of 1,500 offices across 162 countries.

BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK company limited by guarantee, and forms part of the international BDO network of independent member firms. BDO is the brand name for the BDO network and for each of the BDO Member Firms. For more information please visit: www.bdo.com.

About GDPR Edge, from IntraEdge

GDPR Edge, powered by Intel® SGX, is the world's first enterprise-ready blockchain solution for operationalizing GDPR Compliance. The platform was developed in partnership by Intel and IntraEdge, a leading technology services company based in Chandler, Arizona. www.gdpredge.com | www.intraedge.com

__________________________________________

1  

Official Journal of the European Union. 2016. "Eur-Lex Access to European Union Law." Regulation( EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR). April 27. Accessed April 3, 2018. http://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1522813208562&uri=CELEX:32016R0679.

Contacts

Bliss Integrated Communication
Kerry Mullen, 212-840-1661
kerry@blissintegrated.com

Contacts

Bliss Integrated Communication
Kerry Mullen, 212-840-1661
kerry@blissintegrated.com