Mage Data strengthens its data security posture with the ISO 27001 certification. READ MORE >

October 1, 2020

MENTIS enters the Data Privacy space by announcing the capability to address Data Subject Requests

17 November 2020

MENTIS, a pioneer in data and application security software, announces capability to address Data Subject Requests (DSRs) with its data minimization solution

Privacy laws in recent years such as the EU’s General Data Protection Regulation (GDPR), along with this year’s California Consumer Privacy Act (CCPA), provide a number of key consumer rights . Some of the more popular ones are the Right to Access and the Right to be Forgotten. Enterprises handling consumer information are legally obligated to fulfill a DSR within the given timeframe or face penalties, according to whichever law applicable.

As an innovator in data security, MENTIS was already prepared for this kind of data-specific requirement with several of its risk- and location-focused solutions, most specifically its industry-first data minimization module, iRetire™, which was introduced in 2015. The product was specifically designed to meet the challenge of minimizing the risk of retaining unnecessary data while enabling compliance with GDPR and CCPA.

MENTIS has been successful for many years with its leading data discovery and anonymization solutions. It gives us great pride to add yet another capability in our portfolio through iRetire™.

Rajesh Parthasarathy, MENTIS’ founder, and CEO

The MENTIS approach is two-pronged: enable robust compliance but in a way that retains as much value for the organization as possible. Conventional approaches are often one-dimensional: for instance, archiving merely transfers the risk inherent in the sensitive data to another location, while deletion necessarily removes the transactional value of the data for analytics and business planning. Applying MENTIS’ data minimization solution achieves both goals. After scanning the database for specific information pertaining to an individual, iRetire™ tokenizes the relevant sensitive information with a methodology that de-identifies the data while retaining its transactional utility.

The application of iRetire™ specifically for DSR compliance has recently been successfully demonstrated at a leading global Canadian management and consultancy services business, where the goal was to minimize the data of their inactive employees and to enable compliance with CCPA’s and GDPR’s DSR directives.

Keshav Rajagopal, the project lead for the implementation stated, “The successful completion of the iRetire project for CCPA and GDPR compliance is a key milestone for MENTIS – it provides us with valuable experience to undertake future compliance-oriented projects in the data minimization space.”

With a focus on sensitive data and its risks, iRetire meets the DSR compliance challenge and provides benefits for both the consumer and the organization. For compliance, it securely de-identifies data; for the organization, iRetire retains the business value; and importantly, it can do all of this while working with the organization’s data retention policies.

Regarding the solution, Rajesh Parthasarathy, founder and CEO of MENTIS commented, “MENTIS has been successful for many years with its leading sensitive data discovery and anonymization solutions. Now, with iRetire™, our solution for data minimization, we enter into the data privacy space by demonstrating the ability to enable organizations respond to Data Subject Requests that have been introduced through numerous data privacy regulations. It gives us great pride to add yet another capability in our already diverse portfolio, and we will continue to innovate to serve our customers to our best ability.”


Founded in 2004, MENTIS was one of the first companies in what was then a fledgling data-security market. Guided by a visionary founder with a deep grounding in both business and technology, MENTIS immediately began to innovate and has never since stopped. Known for its responsiveness to the moving target that is risk and compliance, MENTIS continues to bring powerful products to the market, the result of the company’s deep analysis of new trends in risk, along with a collaboration with its customers to assess and weigh their current challenges.

The company’s latest release makes the MENTIS platform the only integrated end-to-end platform where discovery, masking, monitoring, and retirement of sensitive data are available for both Non-Production and Production environments, and also now support both structured and unstructured data, whether in the cloud or on premise. Its segregation of duties functionalities means MENTIS also allows stakeholders across the IT, business, and security and compliance groups to collaborate to achieve comprehensive and consistent data security.

MENTIS helps protects the data of some of the most iconic industries and institutions in the world. Its customer roster includes internet commerce pioneers and national airlines; higher education institutions ranging from the Ivy League to Land Grant schools; international industrial behemoths and retail giants; and global leaders in the highly regulated financial services and healthcare industries.