Author
Paul Voigt

Dr. Paul Voigt, Lic. en Derecho, CIPP/E

Partner

Read More
Author
Paul Voigt

Dr. Paul Voigt, Lic. en Derecho, CIPP/E

Partner

Read More

16 August 2021

Practical Law - information security and cyber incident and data breach resources

  • Briefing

Information Security Considerations (Germany)

A Practice Note describing the laws, regulations, enforcement practices, and local resources to consider when developing, implementing, and maintaining an information security program in Germany or as applied to data originating from Germany. It discusses the Federal Data Protection Act (BDSG) and critical infrastructure provider obligations under the IT Security Act and IT Security Act 2.0. It addresses related EU law, such as the EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR), the EU Directive on the Security of Network and Information Systems (Directive 2016/1148/EC) (NIS Directive), and Germany's implementing laws. It also discusses Federal Office for Information Security (BSI) regulations, standards, and resources. The Germany-specific guidance in this Note may be used with the generally applicable resources listed in the Global Information Security Toolkit.

Get the full pdf: Information Security Considerations



Cyber Incident Response and Data Breach Notification (Germany)

A Practice Note addressing legal requirements and considerations when handling data breaches, cyberattacks, or other information security incidents in Germany or drafting data breach response notifications regarding personal data originating from Germany. It discusses the Federal Data Protection Act (BDSG) and critical infrastructure provider obligations under the IT Security Act and IT Security Act 2.0. It also addresses related EU law, such as the
EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR), the EU Directive on the Security of Network and Information Systems (Directive 2016/1148/EC) (NIS Directive), and Germany’s implementing laws. The Germany-specific guidance in this Note may be used with the generally applicable resources in the Global Cyber Incident Response and Data Breach Notification Toolkit.

Get the full pdf: Cyber Incident Response and Data Breach Notification


This piece was originally published by Thomson Reuters Data Privacy Advisor and Practical Law and is reproduced with their permission.

 

Call To Action Arrow Image

Latest insights in your inbox

Subscribe to newsletters on topics relevant to you.

Subscribe
Subscribe