§ 29 LDSG RP
Processing of Special Categories of
(1)Personal Data
(2)The processing of special categories of personal data shall only be permissible where it is strictly necessary for task performance, appropriate safeguards for the rights of the data subjects exist, and 1. it is lawful under applicable law, or 2. the processing serves to protect the vital interests of the data subject or of another natural person, or 3. it relates to data which the data subject has manifestly made public.
(3)Appropriate safeguards within the meaning of paragraph 1 may include in particular 1. specific requirements for data security or data protection monitoring, 2. the establishment of specific review periods for deletion, 3. awareness-raising of those involved in processing operations, 4. restriction of access to personal data within the controller, 5. separate processing from other data, 6. pseudonymisation of personal data, 7. encryption of personal data, or 8. specific procedural rules which, in the event of a transfer or processing for other purposes, ensure the lawfulness of the processing. zur Einzelansicht § 29