If your organization collects, stores or otherwise processes the data of individuals who live in the European Union (EU), the General Data Protection Regulation (GDPR) affects you. The primary responsibility for GDPR compliance lies with the controller (those who collect data). However, processors (usually API management and mediation platforms) are equally liable for how they handle data. So your API management solution also needs to comply with the regulations of GDPR.
API gateways can be perfectly positioned to address GDPR because it protects both data and user access at the point at which it enters and leaves the systems. This is very efficient because it ensures that security is embedded within the API itself, and not the apps that access the API. This allows app developers to focus on improving the functionality of their applications because they know API security is already taken care of.
In this webinar we will discuss how GDPR affects an API management solution. The following topics will be covered:
- The role of API management in a GDPR compliant solution
- How GDPR effects API management
- Principles relating to personal data processing and security of processing
- Data protection by design and by default