| Category of Measures | Description of Category | Measures |
|---|---|---|
| Encryption (Art. 32 (1) a) GDPR) | Cryptographic measures to ensure that information is encrypted when transferred internally or externally and can only be made readable again with the correct decryption key. | Encryption of the company website ("data in motion"); encryption of data carriers in laptops/notebooks and of mobile data carriers ("data at rest") |
| Confidentiality – physical access control (Art. 32 (1) b) GDPR) | Measures to prevent unauthorised persons from gaining access to data Processing systems with which personal data is processed or used. | Security of the buildings, windows and doors with an alarm system; digital key management system; automated access control system and manual locking system with safety locks; light barriers/motion detectors; video surveillance of entrances |
| Confidentiality – data access control (Art. 32 (1) b) GDPR) | Measures to prevent data Processing systems from being used without authorisation. | Authentication with username/password and/or biometric methods; allocation of user rights, definition of user profiles, assignment of passwords and assignment of user profiles to IT systems; use of intrusion detection systems; immediate blocking of authorisations when employees leave the company; locked housings/security locks; password-protected screensavers, automatic screen locking after inactivity, and two-factor user authentication; implementation of virtual networks for the separation of data streams |
| Confidentiality – data usage control (Art. 32 (1) b) GDPR) | Measures to ensure that persons entitled to use a data Processing system have access only to the data to which they have a right of access, and that personal data cannot be read, copied, altered or removed without authorisation in the course of Processing or use and after storage. | Use of document shredders or appropriate service providers, and physical deletion of data media before reuse; development of an authorisation concept (differentiated authorisations to read, edit or delete data) and password procedures (incl. special characters, minimum length, password change); assignment of rights by the system administrator |
| Confidentiality – transmission control (Art. 32 (1) b) GDPR) | Measures to ensure that personal data cannot be read, copied, altered or removed during electronic transmission, transport or storage onto data carriers, and that it is possible to check and establish to which bodies personal data is to be transferred by means of data transmission facilities. | Documentation of all interfaces; documentation of data recipients and of the periods of planned transfer or agreed erasure time limits |
| Confidentiality – separation control (Art. 32 (1) b) GDPR) | Measures to ensure that data collected for different purposes can be processed separately. | Segregation of functions (production/testing); development of an authorisation concept; separate databases and separate tables within a database; logical client separation |
| Integrity – input control (Art. 32 (1) b) GDPR) | Full documentation of data management and maintenance, to ensure the ongoing integrity of data. Measures for subsequently checking whether data has been entered, changed or removed (deleted), and by whom. | No local admin privileges; assignment of authorisations for input; alteration and erasure of data on the basis of an authorisation concept |
| Availability – availability control (Art. 32 (1) b) GDPR) | Measures to ensure that personal data is protected from accidental destruction or loss. | Air conditioning in server rooms; alarm on unauthorised entry into server rooms; fire extinguishers in server rooms, installation of fire and smoke detection systems, uninterruptible power supply (UPS); remote data backup in secure outsourced locations; monitoring of temperature and humidity, and power strips with surge protection in server rooms; development of an emergency plan and a disaster recovery plan, and, in flood areas, server rooms above the waterline; server rooms not located beneath sanitary facilities |
| Availability – job control (Art. 32 (1) b) GDPR) | Measures to ensure that, in the case of commissioned Processing of personal data, the data is processed only in accordance with the instructions of the Controller. | Selection of the Processor with due diligence (in particular with respect to data security); contractual penalties for breaches; written instructions to the Processor (e.g. Data Processing Agreement) as defined in Art. 28 (2) GDPR; effective rights of control agreed with the Processor; obligation of the Processor's employees to maintain data confidentiality (Art. 28 (3) b) GDPR); assurance of deletion of the data at the end of the provision of services, and continuous control of the Processor and its activities; use of subcontractors requires the Controller's consent and prior verification and documentation of the security measures taken by the Processor |
| Resilience (Art. 32 (1) b) GDPR) | Measures to ensure the resilience of systems and services, i.e. that they are designed so that even high peak loads and high continuous loads of Processing can be handled. | Testing of storage, access and line capacities |
| Restoration of availability (Art. 32 (1) c) GDPR) | Measures to ensure that availability of and access to the data can be restored in a timely manner in the event of a physical or technical incident. | Redundant design of the infrastructure (e.g. RAID for hard disks); testing of data restoration |
| Data protection management (Art. 32 (1) d) GDPR) | Measures to ensure a process for regularly testing, assessing and evaluating the effectiveness of the technical and organisational measures for ensuring the security of the Processing. | Checks by the data protection officer (DSB) and by IT audit |