Ignorance does not protect you from punishment
Ignoring or ignoring data protection does not protect you from punishment - and in the event of an emergency it can jeopardize the existence of a company. For Company Secured data protection is fundamental because every company maintains data that is subject to certain regulations and requirements.
But privacy is often paid little or no attention. "We do not have any relevant data to protect ..." is the argument of many entrepreneurs and executives.
One reason is the ever-increasing digital networking in all areas. Many people in their privacy regard data protection as not so important, according to social networking almost everything is posted.
What is privacy?
A definition of the term data protection helps to implement this adequately in the enterprise. A glance at relevant legal texts of the German Federal Data Protection Act (BDSG) as well as the European Data Protection Directive provides clarity on what is at stake: "Purpose [...] is to protect the individual from the fact that he is impaired in his personal right by the handling of his personal data" (§1 Abs. 1 BDSG) "Member States shall ensure [...] the protection of fundamental rights and freedoms, and in particular the protection of the privacy of individuals with regard to the processing of personal data." (Art 1, Directive 95 / 46 EC)
Data protection is thus based on the general right to personality and the self-determination of information, which are invariably anchored in the articles 1 and 2 of the Basic Law.
In its judgment on the census of December 1983, the Federal Constitutional Court upheld the right of self-determination as the core of data protection. The protection of personal data therefore goes to each individual, both in the role of the protector as well as the protector.
What are personal data?
Personal data within the meaning of the Federal Data Protection Act (BDSG) are all those individual details concerning personal or factual circumstances of a particular or determinable natural person. So all data that describe or identify a person: first and last names, gender, date of birth, color of hair and eyes, as well as vocational training, religious affiliation, family status and number of children, and much more.
In addition to the so-called sensitive data of a natural person, the BDSG also includes information about race or ethnicity, political opinion, religious or philosophical conviction, union membership, as well as information on health and sexual life.
Why is privacy necessary?
Data from customers, clients, patients, business partners, suppliers, service providers or employees, even simple eMailAddresses are found eating for criminals and data thieves. Company records, such as bank details or personal information, are also suitable for identity theft and related fraud. Whether these are in written or electronic form is minor matter.
Especially against the backdrop of steadily increasing cybercriminality and growing digital networking, the anti-virus program and firewall on the business computer have long been no longer sufficient.
Among competitors, warnings are particularly popular: Eg due to imprint errors or links to homepages. Specialized law firms are working here for a whole wave of warnings.
The least knowledge and respect the guidelines relevant to data protection. However, every entrepreneur and self-employed person who processes personal data (note: this concerns EVERYONE!) Is committed to data protection. This need arises from the legal requirements at state and federal level. In addition to the BDSG, the Telemedia and Telecommunications Act, the Tax Code, the Income Tax Act, etc. also include legal requirements.
If the specific details are not complied with, certain penalties are sometimes threatened. A breach of the provisions of the BDSG can be punished with a fine of up to 300.000 Euro or a liberty penalty of up to 2 years.
In which form is data protection possible?
Already companies with more than nine employees who work computer-assisted with personal data require an internal or external data protection officer according to § 4 BDSG. If, despite the existing obligation, no data protection officer is appointed or the order is not made in time, fines of up to 50.000 Euro are threatened.
Due to the complexity of the subject, it is recommended to hire an external data protection provider. With his professional expertise, he takes advantage of the legally ramified terrain and supports the management in the implementation of company data protection. It also protects against omissions due to everyday operational blindness, which is internally inevitable.
The company protects itself in this way from sanctioning by the supervisory authority and from privacy scandals with often associated negative press. This is not only of great relevance to companies that supply the private consumer. The "construction site" privacy concerns every ...
Regardless of the company size, the provisions of the BDSG must be implemented by all companies. Ask the following questions:
- Document your procedures for data processing?
- Observe the principles of data avoidance and data parshness when collecting data
- Do you use external service providers that process personnel data?
- Are your employees and employees familiar with the special requirements of data protection?
- Do you retain the rights of persons concerned when storing personal data, as required by law?
- Do you have a procedure directory?
- Are your employees regularly trained in data protection?
If you have answered one or more questions with "No", there is a need for immediate action.
More knowledge - PDF download, eCourses or personal advice
Offline download: Download this text as PDF - Read usage rights, Because we do not automatically submit the title of this text for privacy reasons: When buying in "interests" the title register if support is needed. After buying text exclusively Download at this URL (please save).
Your eCourse on Demand: Choose your personal eCourse on this or another desired topic, As a PDF download. Up to 30 lessons with each 4 learning task + final lesson. Please enter the title under "interests". Alternatively, we are happy to put together your course for you or offer you a personal regular eMailCourse including supervision and certificate - all further information!
Consultant packages: You want to increase your reach or address applicants as an employer? For these and other topics we offer special Consultant packages (overview) - For example, a personal phone call (price is per hour).