Information security in the financial industry: Cloud service providers with ISO/IEC 27001 certification are the safe choice Part 3

Companies in the financial sector must comply with numerous regulations to protect data and IT systems. In addition to the GDPR, the requirements from BAIT, VAIT and KAIT are particularly relevant here.

Anonymization in data protection – opportunity or risk borderline? Part 2

Part 2: What procedures, advantages and risks do pseudonymization and anonymization entail in data protection? What are the procedures for pseudonymization? In the case of pseudonymization, the person responsible can use a rights and roles concept to ensure that the pseudonymized data record is not merged with the identifiers. One option, for example, is to […]

Anonymization in data protection – opportunity or risk borderline? Part 1

Part 1: The concepts of anonymization and pseudonymization Anonymization – in the context of data protection, this often means that data controllers do not have to comply with data protection regulations when further processing the data. The background to this connotation is that, according to Art. 2 (1), the GDPR only applies to personal data. […]

VG Ansbach: A suitable legal basis for seamless video surveillance of gym users?

A violation of the GDPR occurs in particular if the data is processed without a corresponding legal basis. This was the case in the present case, in that a fitness studio in Bavaria monitored the entire training area without any gaps, and collected a prohibition order from the Bavarian State Office for Data Protection Supervision […]

Information security in the financial industry: Cloud service providers with ISO/IEC 27001 certification are the safe choice Part 2

Selecting a cloud service provider: ISO 27001 certificate as a central criterion Certification in accordance with the ISO/IEC 27001 standard forms a central criterion for the selection of a cloud service provider. Companies from the financial sector that transfer their data externally must trust their cloud provider and rely on the provider’s compliance with all […]

This post is also available in: German