Simplified deletion of personal private data in cloud backup storage for GDPR compliance

摘要

In a public cloud that stores data in a database system for a plurality of entities as primary data and as one or more secondary backup copies of the primary data, the data being stored in predefined data fields of data records, personal private data of each entity is stored encrypted using an encryption/decryption key that is unique to each different entity. The encryption/decryption keys are stored in the cloud in a key store of a key management system. To delete the personal private data of a particular entity, as to comply with the right to be forgotten pursuant to GDPR regulations, or otherwise, the encryption/decryption key for that particular entity is deleted from the key store to render permanently inaccessible all copies of that entity's personal private data.