Meeting Data Compliance Standards

NIST Cybersecurity Framework

Both the NIST Privacy Framework and NIST 800-53 require organizations to control access to sensitive data founded on the principles of least privilege.

To satisfy this requirement, Protegrity provides role-based access control. For transactional business systems or for analytics that requires visibility to data in the clear, Protegrity’s in-use policy enforcement will re-identify records only for authorized users to view specific sensitive PII.

PCI DSS

PCI DSS requires the protection of PAN, SAD, and any other CHD considered PII. Multiple methods of pseudonymizing sensitive data are accepted cryptographically for addressing PCI DSS.

Protegrity isolates the data from the processes used to protect it. Protected data that remains at rest or in use and is not present in unprotected forms remains out of scope, reducing time and cost.

PRIVACY (GDPR, CCPA)

Protegrity’s Data Security and Privacy Platform helps data-driven organizations comply with the EU’s General Data Protection Regulation (GDPR) by implementing enterprise-wide data privacy protection. This advanced level of protection meets compliance expectations without compromising business processes. Our centralized data management and rule-based security policies are designed to handle all data-centric operational needs.

HIPAA

HIPAA specifies 18 data types requiring protection for healthcare, payer, and pharmaceutical organizations to meet compliance requirements

Protegrity supports all 18 data types and formats within a variety of platforms. By defining and targeting the protection of HIPAA data type regulatory compliance requirements, Protegrity simplifies the protection process and allows organizations to utilize data without having to precisely protect all data, all the time.