Marc ten Eikelder

How Swiss Banks Can Maintain Banking Secrecy Traditions While Meeting International Data Sharing Requirements

by Marc ten Eikelder February 18, 2026February 18, 2026 | Regulatory Compliance

Swiss banks face a compliance tension that cuts to the heart of Switzerland's financial identity. The Common Reporting Standard requires automatic exchange of financial account information with foreign tax authorities....

How UK Companies Serving EU Customers Can Maintain Market Access Through European Data Sovereignty

by Marc ten Eikelder February 18, 2026February 18, 2026 | GDPR Compliance

UK companies competing for EU enterprise customers face a procurement landscape that post-Brexit data sovereignty concerns have fundamentally reshaped. German banks, French insurers, and Dutch multinationals now require vendors to...

How European Healthcare Organizations Can Comply with National Health Data Laws Beyond GDPR Requirements

by Marc ten Eikelder February 18, 2026February 18, 2026 | GDPR Compliance

European healthcare providers face national health data laws creating obligations beyond GDPR baseline requirements. German medical confidentiality under §203 StGB, French professional secrecy in Code de la Santé Publique, Dutch...

How Swiss Financial Services Firms Can Meet FINMA Requirements While Serving International Clients

by Marc ten Eikelder February 18, 2026February 18, 2026 | Regulatory Compliance

Swiss financial services firms expanding internationally face a compliance tension that competitors in other jurisdictions rarely encounter: FINMA operational risk requirements demand institutional control over outsourced functions, whilst international clients...

How to Build a Transfer Impact Assessment That Satisfies Data Protection Authorities in the Post-Schrems II Era

by Marc ten Eikelder February 18, 2026February 18, 2026 | GDPR Compliance

Data protection officers conducting transfer impact assessments face uncertainty about what satisfies EU supervisory authorities whilst navigating complex evaluation of third-country laws, government surveillance capabilities, and supplementary measure adequacy. EDPB...

How Dutch Enterprises Can Satisfy Autoriteit Persoonsgegevens Transfer Impact Assessment Requirements

by Marc ten Eikelder February 18, 2026February 18, 2026 | GDPR Compliance

Dutch enterprises conducting international data transfers face Autoriteit Persoonsgegevens requirements for transfer impact assessments demonstrating adequate protection when personal data flows outside the EU. The AP emphasizes practical risk evaluation...

Prevent CLOUD Act Risks: Secure European Data Architecturally

by Marc ten Eikelder February 18, 2026February 18, 2026 | GDPR Compliance

How to Prevent US Government Access to European Data: An Architectural Approach to the CLOUD Act Problem European organisations that process sensitive data through US-headquartered cloud platforms face a structural...

How to Prove Data Sovereignty to European Customers: From Contractual Claims to Architectural Evidence

by Marc ten Eikelder February 18, 2026February 18, 2026 | GDPR Compliance

European procurement teams are no longer accepting sovereignty commitments at face value. DPOs want Transfer Impact Assessments before signature. Security architects are asking about key management architecture, not just data...

How European Banks Can Meet EBA Outsourcing Guidelines Through Customer-Controlled Encryption Keys

by Marc ten Eikelder February 11, 2026 | Regulatory Compliance

The European Banking Authority’s Guidelines on Outsourcing Arrangements (EBA/GL/2019/02) require financial institutions to maintain effective control over outsourced functions, including the ability to monitor performance, enforce security standards, and terminate...

How to Achieve DORA-Compliant Operational Resilience Without US Cloud Provider Dependency

by Marc ten Eikelder February 11, 2026 | Regulatory Compliance

The Digital Operational Resilience Act (DORA, Regulation EU 2022/2554) became enforceable on January 17, 2025, establishing uniform requirements for ICT security across the European financial sector. DORA structures its requirements...

How European Asset Managers Can Protect Client Data While Meeting ECB Supervisory Expectations

by Marc ten Eikelder February 11, 2026 | Regulatory Compliance

European asset managers operate under a convergence of regulatory expectations that increasingly treat client data protection as a supervisory priority rather than an operational afterthought. The Digital Operational Resilience Act...

How European Government Agencies Can Meet Digital Sovereignty Procurement Requirements

by Marc ten Eikelder February 11, 2026 | Regulatory Compliance

European government agencies are shifting from aspirational digital sovereignty goals to enforceable procurement specifications. In October 2025, the European Commission published the Cloud Sovereignty Framework (version 1.2.1), introducing eight Sovereignty...

How European Pharmaceutical Companies Can Share Clinical Trial Data Across Borders While Maintaining European Sovereignty

by Marc ten Eikelder February 11, 2026 | Regulatory Compliance

European pharmaceutical companies operate in one of the most data-intensive and heavily regulated industries on the continent. A single multinational clinical trial can generate patient health records, genomic data, adverse...

How German Organizations Can Protect Personal Data from US Government Access Under BfDI Requirements

by Marc ten Eikelder February 10, 2026 | GDPR Compliance

The Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI), Germany’s Federal Commissioner for Data Protection and Freedom of Information, has intensified scrutiny of organizations using US cloud providers to process...

2026 DSPM Integration Playbook: Aligning SIEM and DLP for Zero‑Risk

by Marc ten Eikelder December 18, 2025January 20, 2026 | Cybersecurity Risk Management

Security programs are most effective when SIEM, DLP, and DSPM operate as one system. SIEM correlates activity across users, devices, and apps; DLP enforces controls where data moves; DSPM brings...

Security and Compliance Blog

Learn security strategies, compare vendors, and implement best practices to prevent breaches and compliance violations from risky third party communications.

Posts by Marc ten Eikelder

How Swiss Banks Can Maintain Banking Secrecy Traditions While Meeting International Data Sharing Requirements

How European Banks Can Meet EBA Outsourcing Guidelines Through Customer-Controlled Encryption Keys

How to Achieve DORA-Compliant Operational Resilience Without US Cloud Provider Dependency

How European Asset Managers Can Protect Client Data While Meeting ECB Supervisory Expectations

2026 DSPM Integration Playbook: Aligning SIEM and DLP for Zero‑Risk

Get started.