IT Compliance and Data Protection

Recent data-related scandals and security incidents involving major companies such as Deutsche Bahn, Deutsche Telekom, SONY and Nintendo, e.g. misuse of personal data or leakage of corporate expertise and business secrets, demonstrate that data protection and information security are crucially important for companies. The relevant obligations therefore represent key compliance requirements, especially in IT-related areas.

Since corporate electronic data processing has long extended beyond the German jurisdiction and is steadily increasing in scope, other IT-related compliance requirements are also becoming ever more important. These include legal requirements relating to commercial and tax law, such as the Principles of Data Access and Auditing of Digital Documents (GDPdU), as well as obligations to store data properly. In addition, there are IT compliance requirements that are specific to a particular industry or segment, e.g. professional confidentiality obligations or strongly regulated areas (such as the financial sector or telecommunications). Lastly, compliance obligations often result from contractual arrangements or self-imposed obligations (codes of conduct).

IT compliance and data protection should be integrated into a comprehensive compliance management system to counteract breaches and the associated liability risks for companies, management and employees. The first step is to identify all relevant compliance requirements. The second is to implement these requirements and monitor them to ensure compliance. This generally requires a process-oriented management approach, which should itself be constantly improved. Industry standards, good practice and recognised methods such as COBIT, ITIL, ISO/IEC 27001 or ISO 9001 can also help in ensuring compliance.

Our experts in (IT) compliance, information security, data protection and law will assist you in developing an IT compliance management framework tailored to the particular needs of your company. Our team works seamlessly across disciplines. We also advise on strategic aspects and provide practical solutions for specific issues.

Our IT compliance and data protection services include:

  • Data protection and data security
  • Information security management
  • IT legal compliance
  • IT assurance
  • IT governance
  • Business and IT service continuity
  • IT sourcing compliance
  • IT project advisory

Should you have questions, our partners are happy to assist:

Dr. Thorsten B. Behling

Partner
Tel.: +49 (0) 221 348 9362-45
thorsten.behling@wts.de  

Rüdiger Giebichenstein

Partner
Tel.: +49 (0) 221 348936-2220
ruediger.giebichenstein@wts.de

© 2017 WTS Group AG Steuerberatungsgesellschaft. All rights reserved.