Are You Preparing for the
General Data Privacy Regulation (GDPR)?

What is the GDPR?

The European Union’s General Data Protection Regulation (GDPR) aims to enhance privacy and strengthen data protection rights of European Union (EU) citizens by requiring companies to take appropriate measures to secure personal data that they collect, process and/or store. Under the GDPR, personal data means any information relating to an “identified or identifiable natural person.”

Regardless of your corporate geographic location, if you conduct business in the EU and/or your application(s) collect, process and/or store personal data of EU citizens, the GDPR likely applies to you too.

The regulation will come into effect on 25 May 2018. Organizations could face large penalties for non-compliance. ISVs may also want to consider that many companies will be seeking solutions that help them address the requirements of GDPR when renewing or procuring IT products and services.

Considering GDPR as it Relates to Your OpenEdge Environment

To evaluate GDPR compliance, organizations may need to conduct a systematic approach to assess their current technology and processes, as well as to refine their future strategy and implementation. A careful risk-assessment analysis will help organizations balance high-value business initiatives against privacy risks. It also presents an opportunity for companies to gain a competitive advantage as customers within a digital eco-system will seek to work with GDPR-compliant organizations.

Your Progress OpenEdge application is a component of your larger environment or may even be the foundation of your business. Although we cannot guarantee your overall GDPR compliance, as your technology partner, we wish to provide you with information regarding your OpenEdge application as you conduct your own assessment.

Consider the questions below as you assess your OpenEdge technology. These should not only be considered for your own organization, but also for the customers you support via on-prem or SaaS applications:

Addressing GDPR in Your OpenEdge Environment

Addressing certain GDPR requirements relies on the use of current technology. Progress OpenEdge provides you with opportunities to upgrade technology that is the foundation of your application – and perhaps your business.

Manage the Data

Companies must take responsibility for the proper care of personal data they collect, process and/or store. We understand the complexity of this undertaking and offer the OpenEdge RDBMS Advanced Enterprise Edition specifically designed to help companies effectively manage vast amounts of data. It includes, but is not limited to:

  • OpenEdge Change Data Capture (CDC)

    Identify, track and save personal data changes within the RDBMS and support accurate data source synchronization across the business

  • OpenEdge Multi-tenancy

    Ensure the separation of your customers’ personal data within the cloud, while reducing development and deployment costs when delivering SaaS applications

  • OpenEdge Replication

    Near real-time continuous duplication for fast data recovery, minimizing the impact of unexpected outages and supporting a high-availability strategy

Privacy by Design, Privacy by Default

Defining the Processes

OpenEdge BPM allows you to build models that specify how work gets done, by whom and when. New regulatory requirements may create the need for companies to easily and quickly assess, modify, and redeploy these workflows processes to the runtime environment. Being able to do so with little to no coding changes and then view dashboards to measure application performance saves time, decreases development effort, and lowers overall costs.

Automating the Rules

Help your organization effectively adhere to changing data privacy regulations by putting the power in the citizen developers’ hands, and taking the pressure off of IT. Progress Corticon manages complex rules, including business rules designed to determine when it is necessary to delete personal data from your database when there is no longer a legitimate business reason to collect, process and/or store such data.

The Corticon rule integrity feature and onboard diagnostics allows you to automate and test new rules to pinpoint conflicts before they become headaches as well as ensure accurate results—before potentially incurring expensive fines.

Protecting Data

Progress Application Server for OpenEdge (PAS for OpenEdge) provides industry standard security and authentication and authorization control via Tomcat and Spring Security. For more information on enhancing the security of your OpenEdge environment, read Protecting Your Application in a Challenging Environment.

Encryption of Data at Rest

The OpenEdge RDBMS Advanced Enterprise Edition can also help you protect personal data with the inclusion of OpenEdge Transparent Data Encryption (TDE), which encrypts all or part of your database while at rest without requiring changes to the application.

Security Protocols

Progress OpenEdge 11.7 provides security updates to the entire platform by supporting the latest versions of SSL/TLS protocols. These protocols aim to secure data while it passes between different application components. For more information, read SSL/TLS Communication in Progress OpenEdge.

Data Access: Authentication & Authorization

Our latest release, Progress OpenEdge 11.7 includes enhancements to help you secure personal data that is collected, processed and/or stored based on current industry-standards helping you to minimize vulnerabilities that are amplified by legacy technology.

OpenEdge Authentication Gateway is a key component of a centralized authentication and authorization service for database access, providing trusted identity management by ensuring only the right people get the right access to the appropriate information, hardening the security of your OpenEdge application environment.

GDPR Impacts Almost Every Business in
Every Country

We highly recommend that you read the entire text of the GDPR and consult with your corporate legal team to scope and understand the implications of this regulation and how it affects your whole business.


Want to talk?

We would like to help you review your Progress OpenEdge environment and share more information about the OpenEdge platform as you prepare for the GDPR.