ISO 9001 Certificate


Is encryption the best way to implement GDPR?

The new EU data protection framework, also referred to as the General Data Protection Regulation (GDPR) will go into effect as of May 25th 2018. It came with potentially heavy fines and applies to every company doing business in Europe.

Encryption is mentioned as the only technology recommended to achieve compliance. Are you ready?

Are you using encryption technology to implement GDPR?

And if so, are you doing it right? What are the best practices? Why use HSMs?

The key questions that companies need to ask themselves are:

  • Does the GDPR apply to my organization? Even if my organization is based outside of the EU? Even if I am not storing or processing data in the EU – either in the cloud or on-premises?
  • What security strategy should businesses employ to ensure the proper protection of personal data and thereby avoid fines?
  • Are we using suitable technology to protect the personal data in question?

What is GDPR trying to achieve?

The new EU GDPR, which comes into effect on May 25th 2018, defines the minimum standards for handling, securing and sharing personal data. The overall target of the GDPR directive is NOT to prevent the movement of data throughout or beyond the EU. On the contrary: the main target is to facilitate the movement of personal data, in a similar way to how the EU aims to facilitate the free movement of goods and persons. The GDPR also recommends the creation of standards, so that the exchange of data becomes easier. At the same time, however, it aims to protect an individual person’s right to own their personal data, to have it edited, removed and protected from abuse.

According to the GDPR “Personal data is any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address.” (Article 4)

Encryption – the silver bullet to become GDPR compliant?

GDPR require you to take a number of measures, ranging from defining a Data Protection Officer to using “state of the art” technology to protect personal data.

Use encryption?

The main mechanism the GDPR recommends to employ is that of pseudonymization, i.e. to ensure that the personal data in question cannot be abused, because it cannot be attributed to the person it belongs to thanks to the use of encryption. So even if the data is stolen, it is unintelligible and thus cannot be abused.

GDPR Chart

Utimaco: GDPR – why encryption is so important to avoid fines

Interested in learning more?

Watch the Utimaco Webinar on the GDPR or contact us directly at .


Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      About Utimaco's Downloads

      Visit our Downloads section and select from resources such as brochures, data sheets, white papers and much more. You can view and save almost all of them directly (by clicking the download button).

      For some documents, your e-mail address needs to be verified. The button contains an e-mail icon.

      Download via e-mail


      A click on such a button opens an online form which we kindly ask you to fill and submit. You can collect several downloads of this type and receive the links via e-mail by simply submitting one form for all of them. Your current collection is empty.