The Data Protection Act is based on the Basic Law of the Federal Republic of Germany and grants informal self-determination. This is to prevent unauthorised access to and misuse of personal data. This does not only refer to personal data on the internet. Data protection also covers other areas, such as account data, medical records and the secrecy of correspondence. In this way, it is intended to counteract the increasing tendency towards transparent people, the proliferation of state surveillance measures and the emergence of data monopolies.
Appointment of a Data Protection Officer
From the time of appointment, the data protection officer is responsible for data protection in the organisation. In doing so, the Data Protection Officer is not responsible for the operational tasks of maintaining data protection, but may delegate and supervise tasks. The data protection officer thus assumes responsibility for data protection.
Organisational and technical requirements