BackupAssist & GDPR compliance

There are a lot of changes coming to how your personnel data is managed by organisations and companies – and it all kicks off on May 25th.

Over the past few weeks you’ve probably received lots of emails about updated company policies from the businesses and websites that you use. This is because of GDPR, the General Data Protection Regulation set out by the European Parliament and European Council to regulate how the personal information of people across Europe is used and managed. This regulatory framework is designed to protect user data, how data is used and managed, the rights of users to access their data and how data breaches are reported.

Who has to comply with GDPR?

Any individual, organization or business that processes or stores the data of European citizens. If your business is not based in Europe, but you collect the private data of citizens in Europe, you still need to comply with these new regulations. Although GDPR only applies to the personnel information of Europeans, many companies, including BackupAssist, are applying this framework to all users’ information.

When does GDPR take effect?

It comes into effect on May 25 2018.

How BackupAssist helps your business comply with GDPR

GDPR’s regulations mean that backup and recovery software is an important part of compliance. BackupAssist can help you meet all of the relevant regulations, and some key requirements are outlined below.

Restore requirements

Provides the ability to quickly restore user data if it is accidentally deleted or destroyed, as required by GDPR Article 32-2.

Disaster recovery requirements

Includes recovery functions, including Rapid VM Recovery, that provide access to data in a timely manner in the event of a physical or technical incident, as required by GDPR Article 30-1c|

Encryption requirements

Includes encryption features to protect user data when it’s transferred and stored so the data is not compromised if there is a security breach, as required by GDPR Articles 32-1 and 32-1b.

Notification requirements

Alerts you if the user data is impacted by ransomware as soon as CryptoSafeGuard detects an infection, allowing for timely reporting of the incident, as required by GDPR Articles 32 & 33.

How BackupAssist complies with GDPR

BackupAssist itself has undergone changes to ensure that it complies with the new regulatory framework. These changes are outlined below.

Process compliance

Cortex IT has completed a review of our data security and updated our company processes to align with GDPR.

Product compliance

BackupAssist 10.4 includes software updates to comply with GDPR, as follows:

  • Added an explicit opt-in for diagnostic submissions when contacting support.
  • Restores from a password-protected backup will prompt for a password before displaying the backup’s contents.
  • Improved the general security around password storage.
  • BackupAssist will no longer require a recovery USB key to be attached when using a BitLocker backup destination.
  • Back end changes have been made to data collection to ensure anonymity unless it’s related to licensing.

You can download or upgrade to BackupAssist 10.4 from the BackupAssist download page.

Additional reading

BackupAssist Data Handling document.

BackupAssist Privacy Policy

To learn more about GDPR, see

You can also check out our other blog articles below.

What is the GDPR?

How to Become GDPR Compliant

Share on email
Share on print
Share on facebook
Share on google
Share on twitter
Share on linkedin



Start your free 30-day trial today