
§ 59 HDSIG

Requirements for the Security of Data Processing

(1) The controller and the processor shall, taking into account the state of the art, the costs of implementation, the nature, scope, circumstances and purposes of the processing, and the likelihood and severity of the risk to the rights and freedoms of natural persons, implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk when processing personal data, in particular when processing special categories of personal data. The likelihood and severity of the risk shall be determined by reference to the nature, scope, circumstances and purposes of the processing and shall be established on the basis of an objective assessment of the degree of risk.

(2) The measures referred to in para. 1 may include, among other things, the pseudonymisation and encryption of personal data, insofar as such means are compatible with the purposes of the processing. The measures under para. 1 shall ensure that
1. the confidentiality, integrity, availability and resilience of the systems and services connected with the processing are guaranteed on a permanent basis, and
2. the availability of and access to personal data can be restored rapidly in the event of a physical or technical incident.
(3) In the case of automated processing, the controller and the processor shall, following a risk assessment, take measures designed to
1. deny unauthorised persons access to the processing equipment used to carry out the processing (access control),
2. prevent the unauthorised reading, copying, altering or deletion of data media (data media control),
3. prevent the unauthorised input of personal data and the unauthorised inspection, alteration and deletion of stored personal data (storage control),
4. prevent the use of automated processing systems via data transmission equipment by unauthorised persons (user control),
5. ensure that persons authorised to use an automated processing system have access only to the personal data covered by their access authorisation (access rights control),
6. ensure that it is possible to verify and establish to which bodies personal data have been or may be transmitted or made available by means of data transmission equipment (transmission control),
7. ensure that it is possible subsequently to verify and establish which personal data have been input into automated processing systems, and when and by whom (input control),
8. ensure that the confidentiality and integrity of the data are protected during the transmission of personal data and the transport of data media (transport control),
9. ensure that deployed systems can be restored in the event of a disruption (recoverability),
10. ensure that all functions of the system are available and that malfunctions are reported (reliability),
11. ensure that stored personal data cannot be corrupted by malfunctions of the system (data integrity),
12. ensure that personal data processed on behalf of a controller can be processed only in accordance with the controller's instructions (processing control),
13. ensure that personal data are protected against destruction or loss (availability control),
14. ensure that personal data collected for different purposes can be processed separately (separability).
A purpose under sentence 1 nos. 2 to 5 may in particular be achieved through the use of state-of-the-art encryption methods.
(4) Where personal data are not processed by automated means, measures shall be taken in particular to prevent unauthorised access during handling, storage, transport and destruction.
Source: https://www.rv.hessenrecht.hessen.de/bshe/document/jlr-DSIFGHErahmen
Citation: GVBl. HE I 2018 S. 82
As of: 2024-01-01
Retrieved: 2026-02-28