


Where to put data on immunization status?
The corona pandemic made it necessary for many employers to record the vaccination status of employees. Particularly in the area of facility-based mandatory vaccination, this also had to be documented and proven if necessary. With the end of the...
Using Microsoft 365 in a privacy-compliant way?
The data protection risks of Microsoft 365 have long been known. Nevertheless, many companies continue to use the software service. Find out what the DSK's "Working Group for Microsoft Online Services" has come up with on this topic here. DSK on Microsoft 365 The...
Electronic health record as an opt-out?
The electronic patient record (ePA) has been available since January 1, 2021, but so far only as an opt-in solution (application solution). How an opt-out solution (objection solution) can be designed in the future is now being examined. What is the electronic...
Whistleblower Protection Act: What to do?
At long last, Germany is also developing a whistleblower protection law. It could come into force in May 2023. The law is intended to protect so-called whistleblowers from reprisals if they point out corruption, fraud, environmental damage or other abuses in their own...
New data protection law in Switzerland
In Switzerland, a new data protection law will come into force on September 1, 2023. This is primarily intended to adapt the data protection conditions in Switzerland to the GDPR. Find out everything you need to know about the legal innovations here. Why a...
Can a kindergarten use video surveillance?
The topic of video surveillance plays a recurring role in the context of data protection law. Based on the inquiry of a kindergarten in Thuringia to the corresponding data protection commissioner, whether an installation of cameras on the outdoor area for video surveillance...
Privacy policy: How to specify data recipients?
Time and again, the GDPR gives new reasons to argue about the proper execution of data protection. For example, there is still disagreement about how specifically to specify data recipients in a privacy statement. Learn here which...
Patient file: How much is the patient allowed to know?
Patients have the right to inspect their patient file or to have it copied. Here you can find out how far this right goes and when it may be restricted. Legal basis for the patient file Section 630 f of the German Civil Code (BGB)...
Can a data protection officer be terminated without notice?
Employees who violate their contractual obligations may be dismissed without notice. To find out what changes if the employee is also an internal data protection officer, click here. Work and official duties From...
Digital Red Cross - humanitarian aid in cyber warfare
War is also subject to the changes of digitalization. In a possible cyberwar, humanitarian and medical actors are to be protected. To this end, there are now several proposals to implement the emblem of the red cross digitally. Why a digital red cross?...