GDPR Compliance in File Sharing

Any business which collects or processes personally identifiable information (PII) of European Citizens is subject to the EU General Data Protection Regulation (GDPR) as of 25th May 2018.

Maytech GDPR Compliance

As a Data Controller, you must ensure that data is stored and transferred with appropriate security provisions. Any organisation which helps you to manage PII data is liable for the protection of PII under GDPR as a Data Processor.

Maytech’s secure file sharing platform enables GDPR-compliant end-to-end file transfers between Data Controllers and Data Processors, keeping your organisation’s files safe while in transit and at rest.

How Does Quatrix Help Data Controllers and Data Processors to Become GDPR Compliant?

Our service covers all of the stipulations within the GDPR, and these provisions pre-date the GDPR legislation. Since Maytech is neither a Data Controller nor a Data Processor, our responsibility is to ensure that when you use our service, your data is stored and transferred in a secure manner.

Our customers are able to demonstrate a secure file sharing solution for internal and external file transfers with a full audit trail and centralised controls, putting you firmly in control of your data and preventing serious data breaches and potentially huge fines.

Quatrix® also notably reduces data security issues arising from unauthorised file sharing. By providing a professional, own-branded solution, you reduce the risk of unauthorised file sharing by end users.

What Security Compliance Accreditations Does Quatrix Maintain?

Quatrix manages file sharing for customers in 35 industries across 60 countries worldwide, working with customers ranging from governments sharing classified documents to Big Pharma sharing highly sensitive medical records.

To meet the highest levels of security compliance, Quatrix goes above and beyond stipulations in the GDPR, meeting the stringent requirements of a range of relevant accreditations.

Maytech is compliant with the latest Payment Card Industry Data Security Standards (PCI-DSS) version 3.2 and with the Health Insurance Portability and Accountability Act (HIPAA), US legislation that provides data privacy and security provisions for safeguarding medical information.

Additionally, Maytech’s information security management system is ISO 27001 certified and audited twice a year by Lloyd’s Register Quality Assurance, and services are scanned daily for over 40,000 security threats and vulnerabilities with McAfee Secure.

Customers can also arrange their own penetration test should this be a necessary requirement.

Key Security Features of Our GDPR Compliant File Sharing Service

Whether you are sharing files online via our website, transferring bulk data via SFTP or using our Outlook plugin, our service keeps your data safe while at rest and in transit. Read on to find out more about Quatrix security features:

  • Data Residency – data residency in a location of your choice. Your data never leaves your specified data centre.
  • Strong Encryption – data is encrypted in transit over HTTPS or SFTP and encrypted at rest using the NSA-approved AES algorithm with 256-bit key strength. An advanced PGP module is also available.
  • Data Retention Policies – control your data and set retention policies with automatic delete rules for specified folders and time-limited share links. Hourly snapshots (backups) are retained and available to customers to restore deleted or overwritten files for 28 days; however, persistent backups of customer data are not retained beyond this period.
  • Granular Access Control – granular permissions offer detailed control over access, file and folder permissions for each user. Additional controls exist to restrict data sharing to ensure only the intended recipients can receive the data.
  • Central Control & Two-Factor Authentication – central administration controls to create unique user identities for both internal and external users and ensure all parties authenticate to receive data. Set strong passwords with optional 2FA and add a security PIN for extra-sensitive data.
  • Reporting / Audit Trail – all transactions are logged and a full audit trail is available for ongoing monitoring and compliance.
