
Case Study: Data Sovereignty and Security Across Multiple Regions with Piiano Vault


Overview

In this case study we examine how one of our customers transformed their existing backend application to support privacy compliance regulations, and how we found a solution that was cost effective both technically and operationally. We will refer to them as Medico throughout.

Medico achieved full compliance with several data protection regulations from around the world using Piiano Vault. Notably, the solution enabled Medico to accomplish this objective while keeping costs low and without the need to restructure their backend or hire additional legal, privacy, and technical experts.

The Challenge

Medico, a pseudonym, is a leading medical device company, which aspires to guarantee the highest standard of data protection for the personal- and health-related information stored within their backend application. This information is classified as highly sensitive and requires special handling and treatment. Serving a global customer base, Medico is mandated to comply with a patchwork of rules and regulations from various regional governing bodies.

Medico sought to minimize the total cost of ownership (TCO) of their privacy initiatives while still meeting the highest standards of today’s data protection requirements. Compliant data protection across many regions is costly and complicated for companies handling data from different countries. This challenge is due to differences between regional regulations and location-specific guidelines for handling sensitive data, such as data sovereignty, localization, and residency. Navigating and executing privacy correctly often requires on-hand experts to understand and implement rules as they evolve and the acquisition of new technology to support such efforts. Medico also wanted to avoid the operational and financial impact of completely restructuring their backend architecture and replicating privacy processes for every geography served. 

Unwilling to compromise on privacy requirements, Medico found a solution with Piiano Vault that satisfied all the stakeholders.

Choosing Piiano Vault

The privacy team at Medico selected Piiano Vault because it could address multiple data protection regulations simultaneously without the expected operational challenges and costs.

The key factors that ultimately drove Medico’s decision to work with Piiano are:

  • Piiano Vault aligned with the company’s mandate to keep their TCO low while incorporating a state-of-the-art vault into their architecture.
  • Piiano Vault is designed to help businesses achieve robust data security and privacy controls through a simple, API-based integration, saving the company from the burden of building a solution.
  • Piiano Vault is cross-platform (cloud provider agnostic) and has a flexible system design, making it highly compatible with different architectures. Such was the case with Medico’s serverless architecture. This further saved the company the time, effort, and cost in modifying existing systems to achieve full integration.
  • Unlike other data protection vaults, one of the most significant advantages of Piiano Vault is that it enables businesses to fully host the solution within their systems (cloud accounts). This hosting arrangement allows businesses to retain complete control over their data, significantly reducing the risk that accompanies vendor access to data in the case of SaaS vaults. The ability to self-host further eliminates much of the administrative burdens arising from third-party hosting. These administrative issues include adapting to new agreements – such as the EULA or those dictated by other privacy policies – having to add another vendor to the list of vendors exposed to subprocessors, and troubling customers with related policy updates.

Piiano’s support and communication services also weighed heavily in Medico’s decision-making. The company found it helpful to have the Piiano team on hand to ensure that the solution’s implementation and ongoing operations remained smooth and hassle-free. Piiano supported Medico with security- and privacy-by-design consultancy.

Medico ultimately expected that Piiano Vault would enable them to maintain focus on their core business while ensuring that the company managed all data – and especially sensitive data – securely and efficiently.

The Approach and Solution

Medico considered two approaches to implementing their requirements.

The first approach involved hosting their system as a complete implementation in a few regions, i.e., fully duplicating it.

[Diagram: storing PII by hosting the system as a complete implementation in a few regions]

This is an expensive approach because the operations work and cloud expenses double.

The second approach is to store PII by region while keeping the rest of the data (de-identified, because it lacks the PII portion) in the primary region. In this case all end users talk to the primary web application server, and the web application server talks to the vault in the customer's own region.

[Diagram: storing PII by region while keeping the rest of the data in the primary region]

Medico chose this second approach and deployed a few instances of Piiano Vault to meet the requirements of privacy laws from a few different regions. The solution immediately demonstrated its utility by providing a flexible solution for multiple privacy concerns without restructuring the company’s backend system. This is because Piiano Vault separates and encrypts sensitive data. Using this capability, Medico effectively separated personally identifiable information (PII) from the rest of its stored data and automatically pseudonymized data from foreign regions. This new architectural design satisfied regulatory and customer requirements without disrupting Medico’s work across different geographies.

In the solution, Medico had a web server backend system running in one region to serve all its customers. Their main privacy objective was to restrict the storage of customer data to their respective territories. They opted to do so according to the principle of data pseudonymization, which states that separating PII from the rest of a customer's data de-identifies it. In this way, the remaining data cannot be linked back to the data subject if stolen, which eliminates the need for a breach notification event should one ever occur. Rather than duplicating Medico’s entire system to run in a few different regions, the company used Piiano Vault to apply this principle fully. Now, the main region, which serves all customers, fetches customers’ PII from the other locations only at runtime, when it is needed for processing, and always discards the PII immediately after the processing is complete.

This method ensures that the medical device data for customers from other regions can be stored in the main region’s data stores, because it is de-identified.
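The second approach in miniature, as an added illustration rather than Piiano Vault's own client API: the hypothetical RegionalVault class stands in for a per-region vault instance, the main region persists only an opaque token next to the de-identified device data, and PII is fetched from the customer's region at runtime and discarded once processing ends.

```python
import secrets
from dataclasses import dataclass, field
PII_FIELDS = {"name", "email", "date_of_birth"}  # fields that must stay in-region

@dataclass
class RegionalVault:
    """Hypothetical stand-in for one vault instance deployed in a region."""
    region: str
    _records: dict = field(default_factory=dict)

    def tokenize(self, pii: dict) -> str:
        # Keep the PII in this region only; hand back an opaque token.
        token = f"{self.region}:{secrets.token_hex(8)}"
        self._records[token] = dict(pii)
        return token

    def detokenize(self, token: str) -> dict:
        # Resolve a token; refuse tokens minted by another region's vault.
        if not token.startswith(self.region + ":"):
            raise PermissionError(f"token not issued by region {self.region}")
        return dict(self._records[token])

class PrimaryBackend:
    def __init__(self, vaults):
        self.vaults = {v.region: v for v in vaults}
        self.records = {}  # de-identified: a token plus device readings only

    def onboard(self, customer_id, region, pii, readings):
        token = self.vaults[region].tokenize(pii)
        self.records[customer_id] = {"region": region, "pii_token": token,
                                     "readings": list(readings)}

    def primary_holds_pii(self) -> bool:
        """True if any PII field was persisted in the main region's store."""
        return any(PII_FIELDS & set(rec) for rec in self.records.values())

    def process(self, customer_id, handler):
        """Fetch PII from the regional vault only at runtime, then discard it."""
        rec = self.records[customer_id]
        pii = self.vaults[rec["region"]].detokenize(rec["pii_token"])
        try:
            return handler(pii, rec["readings"])
        finally:
            pii.clear()  # nothing fetched from the vault is retained here
# Constructed sample data so the block runs stand-alone.
EU_VAULT, US_VAULT = RegionalVault("eu"), RegionalVault("us")
backend = PrimaryBackend([EU_VAULT, US_VAULT])
backend.onboard("c1", "eu", {"name": "Anna", "email": "a@example.com"}, [72, 76])
def pulse_report(pii, readings):
    return f"{pii['name']}: avg pulse {sum(readings) / len(readings):.0f}"
```

The `primary_holds_pii` check is the kind of assertion a defender would run against the main region's store to confirm that only tokens and de-identified readings ever landed there.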

It is also important to mention that Piiano consulted with Medico’s general counsel on every action taken. The goal was to respect the privacy requirement that consumers of each region have their PII stored in their territory and nowhere else.

Piiano Vault enables Medico to meet customer expectations and data residency regulations, and gain access to state-of-the-art data security controls. In doing so, Medico has achieved the highest tier of data protection available today.

The Results

Using Piiano Vault, Medico achieved its privacy compliance objectives while remaining within budget. Those within the company who worked directly with the solution have voiced enthusiastic and total satisfaction with their experience. 

"Piiano Vault offers an outstanding solution for the secure protection of sensitive data, particularly within the healthcare sector and the sensitive data typically involved in such a line of work. The solution consistently delivers exceptional support, thorough documentation, robust privacy features, and effortless integration into serverless architecture. With confidence, we can say that we now possess the necessary tools to effectively address customer concerns, enabling us to concentrate on our core business without excessive investment in personal data management." – Tomer Dayan, Software, Cloud and DataOps leader at Medico.

Future Plans

Looking to the future, Medico is considering expanding its use of Piiano Vault by exploring more advanced queries and using the solution to handle additional types of sensitive data, such as voice memos. They are considering how to best use Piiano’s built-in consent management system.

Conclusion

Piiano Vault is a highly flexible solution suited to most business verticals that need protection for sensitive data. It has proven especially helpful to companies in the medical field. After using Piiano’s tools and services, Medico recommends Piiano Vault for the ease with which it helps the company manage and protect sensitive data, and for its robust features, easy integration, and outstanding support.
