Consulting

Data protection

  • Data protection management
    Establishment of the data protection organisation, preparation of mandatory documentation, fulfilment of accountability, maintenance of the register of processing activities, risk management, implementation of data protection impact assessments, processing of data subject enquiries, processing of data protection incidents, management of order processing, communication with the supervisory authorities, management of the data protection coordinators, coordination of cooperation with the other business areas, in particular with information security
  • Audits and pentests
    Carrying out internal and external audits, preparing certification in accordance with Art. 42 GDPR, checking the effectiveness of measures, checking the security of processing, checking documentation and risk assessments
  • Training and education
    Training preparation, regular online and classroom training, proof of success, training on general and specific attack scenarios, management and employee training
  • External data protection officer
    Advice and support for your company in all data protection issues, communication with data subjects and the supervisory authority, regular training with proof of success

Information security

  • Information security management
    Advice on setting up the ISMS and preparing for certification in accordance with BSI basic protection and ISO 27001, coordination of cooperation with the other business units, in particular with data protection
  • Audits and pentests
    Carrying out internal and external audits, preparation and follow-up of certifications, checking the effectiveness of measures, checking documentation and risk assessments, processing defect lists
  • Training and education
    Training preparation, regular online and classroom training, proof of success, training on general and specific attack scenarios, management and employee training

DIGA and TR-03161 Audit preparation

  • Data protection and technical preparation of your DIGA in accordance with DIGAV for submission to the BfArM
    Digital health applications must fulfil a number of requirements before they are approved by the BfArM. The DIGAV in particular places high demands on data protection and data security. We protect you from surprises in the authorisation process.
  • Exam preparation and pre-audit for TR-03161 (parts 1-3)
    Since 1 January 2025, you have needed a TR-03161 BSI certificate for the listing of your DIGA by the BfArM. The challenges involved should not be underestimated: the failure rate is high. Play it safe! We will guide you successfully through the certification process!