We inform our clients which legal IT security obligations must be observed. The same applies to critical infrastructure operators (KRITIS).
There can be no privacy without data security. We advise on the legal requirements of the GDPR and other data protection regulations for the introduction and documentation of technical and organisational measures.
Obligation to report
We perform legal assessments of security incidents and check the existence of reporting obligations to authorities and affected persons. If necessary, we will prepare a report that safeguards your interests.
We identify personal and company-related liability risks as well as compliance obligations with regard to IT security for the Executive Board and management.
Drafting of contracts
In addition to drafting contractual clauses to ensure the confidentiality of information vis-à-vis business partners, we also formulate staff agreements. These include, for example, the appointment of IT security and data protection officers as well as the obligation to maintain employee data secrecy.
IT security concept
We provide legal support for the introduction of IT security concepts. This includes, for example, the establishment of risk management or internal IT security guidelines, and also the implementation of a data protection impact assessment or legal support for certification procedures and security audits.
IT security guidelines
We are advising a producer and supplier of products for the entertainment and event industry on the design of group-wide IT security guidelines for employees dealing with corporate IT.
Security solutions for the home office
We advise companies on the design of home office solutions while maintaining IT and data security requirements.