Data security GDPR - TOMs & practical guides

Article by Aristotelis Zervos

Data Act-Durchführungsgesetz: Was Unternehmen jetzt umsetzen müssen

Durch das Data Act-Durchführungsgesetz wird der Data Act auch in Deutschland bald konkret und tatsächlich durchgesetzt. Welche Maßnahmen Unternehmen bereits jetzt vorbereiten sollten.

April 15, 2026

Reporting process in the event of a data breach

Article by Marcus Belke

Report a data breach correctly: Reporting process according to GDPR with deadlines, evaluation and documentation

Data breaches are now one of the most common compliance incidents in organizations. Incidents have to be assessed, reporting obligations checked, measures documented and communication decisions made within a short space of time. We provide

March 17, 2026

The Kritis roof law brings new requirements.

Article by Aristotelis Zervos

KRITIS umbrella law: New requirements for operators of critical systems

The KRITIS umbrella law supplements existing IT security regulations by pursuing an all-hazards approach. In other words, protection against natural hazards, technical faults, sabotage, terrorism and other non-IT-related threats. Here you will find

January 30, 2026

How companies can use proctoring in a legally compliant manner.

Article by Aristotelis Zervos

Proctoring in the application process: Admissibility under data protection law according to the GDPR

Is proctoring in the application process compliant with data protection regulations? Find out which GDPR requirements apply and how companies can use proctoring in a legally compliant manner.

December 18, 2025

Article by Aristotelis Zervos

Data protection authorities review AI use: companies must answer these 7 questions now

A few companies are currently receiving letters from data protection supervisory authorities regarding the use of AI tools. The supervisory authorities apparently want to obtain an up-to-date overview of the use of artificial intelligence in companies.

November 19, 2025

How IT asset management is becoming a control instrument for data protection, AI governance and audit security.

Article by Marcus Belke

ITAsMa: Why IT asset management must be part of compliance today

Many risks do not arise in the cloud, but in the inventory. ITAsMa shows where systems are running, what data they process and when they were last checked.

October 28, 2025

The data protection supervisory authorities want to harmonize the reporting obligations under NIS-2 and the GDPR.

Data security

NIS 2 Directive: Data protectionists want to standardize reporting channels for IT security incidents and data breaches

The current draft bill for the NIS-2 Implementation Act has met with significant criticism from data protection supervisory authorities. The focus is on the IT security authorities' inadequate obligation to provide information and the lack of cooperation between the

July 15, 2025

Volkswagen was able to refute the accusation of violations of the GDPR in court.

Compliance

Volkswagen successfully defends itself against high GDPR fine and warnings

The automotive group has appealed against both a fine of 4.3 million euros and several warnings from the State Commissioner for Data Protection of Lower Saxony (LfD).

June 16, 2025

Data protection

The five highest fines in April 2024

Breaches of data protection are no trivial offense - especially not in the USA! In April, fines were imposed on five companies that violated between 7

May 8, 2024

Data protection

Using artificial intelligence in compliance with data protection regulations

The Data Protection Conference has published guidance for companies and authorities on the data protection requirements for the selection and use of AI applications.

May 8, 2024

Article & News

Tag: Datensicherheit