Businesses are faced with the challenge of meeting a growing number of compliance requirements (e.g. HIPAA and FERPA in the United States or GDPR in the European Union). On 25 May 2018, the General Data Protection Regulation (GDPR) became effective in the EU. It is a broad-reaching harmonization of data protection laws in the EU and the end goal is standardization as well as a simpler process.
Assistance with Regulatory Compliance
Businesses can benefit from all advantages of modern, secure email archiving with MailStore Server – MailStore can help support certain GDPR requirements. The software creates 1:1 copies of all emails in a central email archive to ensure the security and availability of any amount of data for years to come.
MailStore Server has been inspected by an independent IT auditor and is officially GDPR-certified. This certification verifies that when used properly, MailStore Server enables personal data to be processed in accordance with the data protection requirements set out in the GDPR.
Interested customers and partners can request the official certificate on the audit results for MailStore Server via firstname.lastname@example.org.
Compliance Features to Support Your Data Governance
Completeness Through Journaling
MailStore Server enables you to completely archive all emails within a company. For example, email can be archived before being forwarded to employees’ mailboxes.
An archived email is identical to the original email in every respect and can, if necessary, be restored from the archive without losing any information.
MailStore generates SHA hash values from email content and uses internal AES-256 encryption. This helps to protect the archived data from tampering.
MailStore Server does not restrict businesses to a proprietary file format. All archived email can be exported in a single step at any time. A cryptographic signature can be added to exported emails. This helps to protect the exported emails from tampering, even outside of the archive.
Administrators can define sophisticated retention policies, enabling them to maintain complete control of the periods for which various types of email are archived. They can define whether and when emails are automatically deleted from the archive, thereby complying with the different retention periods that may be mandated by regulatory requirements.
If the Legal Hold function has been enabled, no emails can be deleted from the archive, regardless of all other possible configurations of user privileges and retention policies.
MailStore Server uses an integrated auditing function to consistently log changes and events, which can be defined by the administrator.
A special auditor user type allows external auditors to access the archive. All actions performed by this user type are always logged.