CIAM and GDPR - Tools for compliance with Data Protection Regulations

Owned by Keith Uber
2021-02-05
1 min read

The European Union’s General Data Protection Regulation (GDPR) is globally the most substantial privacy legislation. All organisations handling any personal data of EU citizens need to comply with the GDPR, no matter where they are domiciled. Similar legislation is implemented in other jurisdictions, such as California's Consumer Privacy Act (CCPA), Brazil’s Lei Geral de Proteçao de Dados (LGPD), South Korea's Personal Information Protection Act or Japan's Act on Protection of Personal Information.

The requirements set forth by the GDPR are strict. Some of the requirements can be met with processes, while others are easier to implement with the help of technology. As the regulation deals with Personally Identifiable Information (PII), Identity and Access Management solutions can help in many areas.

Traditionally Identity and Access Management (IAM) has been associated with technologies that help organizations provision an employee from the Human Resource (HR) system to other relevant target systems within the enterprise. This is called Enterprise IAM. When Identity and Access Management functions are extended to include customers, partners or other external stakeholders, the traditional Enterprise IAM systems are ill equipped to handle the ever changing and rapidly evolving demands of customers. In these use cases, a specialised Customer Identity and Access Management (CIAM) solution is in order.

This white paper linked below outlines the legal premise of the GDPR, and then delves into the specific parts where Customer Identity and Access Management solutions can help your organization. 


http://www.ubisecure.com/about/resources/gdpr-customer-iam-whitepaper/

Ubisecure Privacy Policy & Cookie Statement