Financial Services – EU Cross Border Data Protection

Company Profile

A major Italian banking and financial services corporation, with thousands of branches spread throughout the European Union, including Austria, Germany, and Bulgaria, among others.

Business Problem

A major Italian bank consolidated all of its European operational data sources in Italy.

This meant protecting Personally Identifiable Information (PII) in compliance with the EU Cross Border Data Protection Laws, specifically Datenschutzgesetz 2000 (DSG 2000) in Austria, and Bundesdatenschutzgesetz in Germany.

Access to Austrian and German customer data had to be restricted to requesters in the respective country.

Finally, due to the consolidation, protection needed to be adapted to be compatible with multiple data types and a variety of systems, including SAS, Mainframe, and ERP.

Protegrity Solution

Protegrity implemented Vaultless Tokenization services locally, to de-identify new and existing PII at source banking entities before transfer to HQ.

Vaultless Tokenization ensured both compliance with EU Cross Border Data Security laws and complete business analysis capabilities in the Teradata enterprise data warehouse at HQ. Tokenization was delivered via clusters of multiple servers to maximize throughput with bulk tokenization.

Along with Vaultless Tokenization, centralized policy-based access controls were implemented with integration of both LDAP and Active Directory. This restricted access to re-identified data to authorized users, including country-specific requirements for Austria and Germany.

Requirements & Challenges

  • Protect customer PII to the satisfaction of EU Cross Border Data Security requirements
  • Protect source data from various European banking entities, consolidated at Italian HQ
  • Protect existing sensitive data within HQ systems
  • Adapt protection to be compatible with multiple data types and IT systems
  • Achieve very high throughput
  • Ensure maximum reliability and data integrity

Results & Benefits

  • Complete policy-enforced de-identification of sensitive data across all bank entities
  • End-to-end data protection from geographically distributed bank entities to HQ
  • All existing data secured at a fine-grained level
  • Achieved targeted compliance with EU Cross Border Data Security laws
  • Implemented country-specific data access restrictions
  • Achieved extremely high throughput of data
