Posts

Information security, IT security and data protection – terms simply explained

Information security, data protection and IT security are three terms that are often used in the same context in everyday life, but have different meanings. The corresponding measures usually go hand in hand, but data protection, data security and IT security have very different priorities. All three areas are of crucial importance within a company. You can find out what is important in detail and what the specific differences are in the blog article.


EU-US Privacy Shield overturned in the Schrems 2 judgment

Response to Schrems II judgment: US Department of Commerce publishes white paper

The judgment of the European Court of Justice, which determined the ineffectiveness of the Privacy Shield Agreement between the European Union and the USA (Schrems II), did not go unnoticed in the USA either. In response, the US Department of Commerce has now published a white paper on data protection risk analysis as part of data export to the USA.


Hacker attack

4 steps to holistic IT and information security

Hardly a week goes by without headlines about successful cyber attacks on companies. Not only large corporations, but also more and more small and medium-sized companies are the targets of cyber attacks. Regardless of whether the human factor is used as the attack vector or whether attacks are carried out directly on IT systems, the economic damage is enormous in most cases. In order to prevent such attacks, it is clear that a large number of IT security measures must be implemented in the company. The subject of IT and information security is complex and often not manageable. For this reason, organizations often ask themselves how one can initially approach such a complex topic in practice. Find out more about the first and, above all, essential steps to improve your information and IT security in our blog article.


Data protection

GDPR explained simply: TOMs – technical-organizational measures

In today’s digital age in particular, it is important that companies take sufficient technical and organizational measures to protect personal data in accordance with GDPR.

In practical terms, absolute protection cannot be achieved. Nevertheless, there are measures that almost certainly prevent personal data from reaching unauthorized persons unhindered. In this blog article, we explain how protection is to be guaranteed.


Tasks of an ISB - what does an information security officer do?

Tasks of the information security officer (ISO)

To successfully implement an information security management system (ISMS), every company needs an information security officer (ISO; German abbreviation: ISB). In this article we show you the extensive tasks of the ISB.


Consent under data protection law – avoid mistakes and pitfalls

According to the concept of Art. 6 Para. 1 GDPR, all possible legal bases for data processing are equally valid. When examining the legality of data processing, the necessity to execute a contract (Art. 6 Paragraph 1 lit. . f GDPR). Nevertheless, the data protection law approval according to Art. 6 Para. 1 lit. a GDPR continues to be popular and is often viewed as the legal basis of choice.


EU-US Privacy Shield: video on the topic

The EU-US Privacy Shield – everything you need to know about the Schrems 2 judgment in the video!

The so-called “Schrems2” judgment of the ECJ, with which the US-EU Privacy Shield was overturned, is currently stirring up data protection officers and companies. In the video you can find out everything you currently need to know about the EU-US Privacy Shield. We’ll also tell you what to look out for in the company!

EU-US Privacy Shield overturned in the Schrems 2 judgment

Data transfer to the USA: an endless story with a lot of risk – current! The US-EU Privacy Shield

It took a long time, but now it actually happened that the Austrian lawyer Max Schrems brought the data transfer to the USA before the ECJ again. He was right again. The so-called “Schrems2” judgment of the ECJ, with which the US-EU Privacy Shield was overturned, is currently stirring up data protection officers and companies. In our blog article and video you will find out everything you currently need to know about EU-US privacy. We’ll also tell you what to look out for in the company!


EU-US Privacy Shield overturned by the ECJ

“EU-US Privacy Shield” overturned by the ECJ

The fact that the ECJ overturned the EU-US Privacy Shield with its judgment has far-reaching consequences, especially for data transfer to the USA:

This affects, for example, all apps, software programs and service providers with a storage location in the USA or remote maintenance from the USA!


Legally compliant data transfer between group companies

According to the General Data Protection Regulation, companies that are part of a group are not treated as uniformly responsible, but as independent group companies. There is therefore no group privilege. A separate justification is therefore required for each data transfer between the group companies, which must comply with the principles of the General Data Protection Regulation.
