APT Solutions are taking the following steps to ensure the Stratum Hawk Membership Relationship Management platform is compliant when the new data protection laws come into effect next year:
Data Encryption at Rest: Any and all files holding data within the Stratum Database have the ability to be encrypted automatically, at both the data and the file key level, preventing access to raw data should a data breach occur.
Automated logging of data changes: In addition to the current compliance with the Sarbanes-Oxley regulations, the Stratum Hawk platform has introduced the ability for any data file on the Stratum Database to have all changes sent to an audit logging mechanism allowing full traceability of any alterations to the data.
Lapsing Records – The Right to be Forgotten: Once a record is lapsed, a user can specify to ‘Forget this record’. This will scramble any information which allows the individual to have their identity reconstructed from any part of the system. This will not apply to non-sensitive financial information so that all previous batching and reconciliation of various elements of the system is unaffected.
Subject Access Requests: The current mechanisms for handling this are being enhanced further to reduce the cost of collating all information held on the Stratum Database and to speed up response times to these requests.