About a-team Marketing Services
The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

Provectus Offers GDPR Solution Based on Distributed Key Management and Blockchain

Subscribe to our newsletter

Provectus will bring an automated General Data Protection Regulation (GDPR) compliance solution to market this month. The solution focuses on data related aspects of the regulation, particularly interactions between individuals and organisations, and is based on distributed key management and blockchain based audit.

The solution is designed for start-ups and small to medium sized businesses that need to comply with GDPR, but don’t have resources for consultants and legal, or expertise in building robust compliance processes and policies. Customers do need to be relatively tech-savvy as the solution is provided as a suite of application programming interfaces (APIs) and requires some technical acumen to be integrated, although help can be provided by Squadex, Provectus’s parent and a technology consultancy and software engineering specialist.

Dima Kanevsky, product manager of Provectus, says: “Large companies are spending millions of dollars on GDPR compliance, but smaller companies can’t do that, so we have built an automated solution that is more efficient than manual processes, allows individuals to exert their rights under GDPR, logs data for audit purposes and doesn’t require expensive human input.”

The GDPR solution’s technology is tried and tested, and already in use in the US ensuring the privacy of sensitive financial data required for corporate tax purposes. GDPR compliance is limited to data interactions between individuals and organisations, which must fulfil their own Data Protection Impact Assessments (DPIA) and decide whether they need to appoint a Data Protection Officer in line with the regulation’s requirements.

Organisations and individuals interact through APIs, with individuals using devices such as mobile phones or a web application, and a key provided by the organisation to turn on or off consent to access their personal data. The key management solution encrypts data on a record-by-record basis and records of processing activities are kept on a cloud-based blockchain that keeps a log of users’ decisions on their data in an immutable way. Data from the blockchain can be extracted by users or authorities automatically, while the data encryption element of the key management system means any breaches of personal data lead only to anonymised data.

Yuri Vizitei, chief technology officer of Provectus, explains: “The core of the solution is distributed key management that allows individuals to control what personal data they provide to an organisation and access the information. The blockchain model is fit for purpose here as it provides an audit log rather than data storage that is subject to change.”

Provectus plans to price its GDPR solution on bands of numbers of active data users and says it has customers in the pipeline that will be up and running in time for GDPR compliance on May 25, 2018.

Subscribe to our newsletter

Related content

WEBINAR

Recorded Webinar: Best practice approaches for corporate actions automation

Demand for timely and accurate corporate actions data is growing as volumes and complexity rise, and financial institutions acknowledge the increasingly costly gap between accurate corporate actions processing in real, or near-real, time and faulty processing caused by poor data and resulting in missed opportunities to optimise revenue. While many firms currently process parts of...

BLOG

SmartStream Combines Air, RDU to Offer Comprehensive Transaction Reporting for MiFID II

SmartStream Technologies has combined its SmartStream RDU reference data utility with its SmartStream Air (Artificial Intelligence Reconciliations) solution to create a new offering that provides regulated entities with comprehensive reporting capabilities for MiFID II. The new solution – Transaction Reporting Reconciliation and Reporting Decision Control – aims to address regulators’ growing requirement for completeness and accuracy...

EVENT

RegTech Summit London

Now in its 7th year, the RegTech Summit in London will bring together the RegTech ecosystem to explore how the European capital markets financial industry can leverage technology to drive innovation, cut costs and support regulatory change.

GUIDE

ESG Data Handbook 2022

The ESG landscape is changing faster than anyone could have imagined even five years ago. With tens of trillions of dollars expected to have been committed to sustainable assets by the end of the decade, it’s never been more important for financial institutions of all sizes to stay abreast of changes in the ESG data...