{"id":10068,"date":"2021-05-20T15:24:27","date_gmt":"2021-05-20T13:24:27","guid":{"rendered":"https:\/\/www.robin-data.io\/?p=10068"},"modified":"2025-08-13T13:46:54","modified_gmt":"2025-08-13T11:46:54","slug":"technical-organisational-measures-gdpr-compliant-implementation","status":"publish","type":"post","link":"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/technical-organisational-measures-gdpr-compliant-implementation","title":{"rendered":"Technical organisational measures (TOMs)"},"content":{"rendered":"<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-2km1i9g-a1cdff316702bf642e60513952212401\">\n.flex_column.av-2km1i9g-a1cdff316702bf642e60513952212401{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-2km1i9g-a1cdff316702bf642e60513952212401 av_one_full  avia-builder-el-0  el_before_av_one_full  avia-builder-el-first  first flex_column_div av-zero-column-padding'     ><p><section  class='av_textblock_section av-kr4mvoca-290c78681802ab8b6c5588c338c971c6'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\">Data Protection Academy<\/a> \u00bb <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\">Data Protection Wiki<\/a> \u00bb <strong>Technical organisational measures (TOMs)<\/strong><\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-20xq3v8-64c98cf79eebe22d3e73b37a3dfe2f7d\">\n.avia-image-container.av-20xq3v8-64c98cf79eebe22d3e73b37a3dfe2f7d img.avia_image{\nbox-shadow:none;\n}\n.avia-image-container.av-20xq3v8-64c98cf79eebe22d3e73b37a3dfe2f7d .av-image-caption-overlay-center{\ncolor:#ffffff;\n}\n<\/style>\n<div  class='avia-image-container av-20xq3v8-64c98cf79eebe22d3e73b37a3dfe2f7d av-styling- avia-align-left  avia-builder-el-2  el_after_av_textblock  el_before_av_hr'   itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" ><div class=\"avia-image-container-inner\"><div class=\"avia-image-overlay-wrap\"><img decoding=\"async\" fetchpriority=\"high\" class='wp-image-14054 avia-img-lazy-loading-not-14054 avia_image' src=\"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg\" alt='A data protection officer implements his TOM according to DSGVO with Robin Data software' title=''  height=\"343\" width=\"685\"  itemprop=\"thumbnailUrl\" srcset=\"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg 685w, https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter-300x150.jpg 300w, https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter-18x9.jpg 18w\" sizes=\"(max-width: 685px) 100vw, 685px\" \/><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-1426607cbaf62e18c4d337de43ddddc9\">\n#top .hr.hr-invisible.av-kowwomk5-1426607cbaf62e18c4d337de43ddddc9{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-1426607cbaf62e18c4d337de43ddddc9 hr-invisible  avia-builder-el-3  el_after_av_image  el_before_av_heading'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-14sz0ms-86e5f6b5fec869ff394eaa1545db8556\">\n#top .av-special-heading.av-14sz0ms-86e5f6b5fec869ff394eaa1545db8556{\npadding-bottom:10px;\ncolor:#303440;\n}\nbody .av-special-heading.av-14sz0ms-86e5f6b5fec869ff394eaa1545db8556 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-14sz0ms-86e5f6b5fec869ff394eaa1545db8556 .special-heading-inner-border{\nborder-color:#303440;\n}\n.av-special-heading.av-14sz0ms-86e5f6b5fec869ff394eaa1545db8556 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-14sz0ms-86e5f6b5fec869ff394eaa1545db8556 av-special-heading-h1 custom-color-heading blockquote modern-quote  avia-builder-el-4  el_after_av_hr  el_before_av_hr'><div class='av_custom_color av-subheading av-subheading_above'><p>Data protection according to GDPR<\/p>\n<\/div><h1 class='av-special-heading-tag'  itemprop=\"headline\"  >Technical organisational measures (TOMs)<\/h1><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-72-29b2061e0d79e5db55cf990b6822cdc1\">\n#top .hr.hr-invisible.av-kowwomk5-72-29b2061e0d79e5db55cf990b6822cdc1{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-72-29b2061e0d79e5db55cf990b6822cdc1 hr-invisible  avia-builder-el-5  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjks18-34c2dd8d15a5cfcf5b691ef81ea89338'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>Even though the General Data Protection Regulation has been in force since 2018, there are hardly any standards for implementing the individual requirements. Particularly in the area of technical organisational measures, requirements from the areas of data protection and data security as well as the laws GDPR and BDSG-new converge. This appears opaque to many data protection officers, and compliance with the requirements appears complicated.<\/p>\n<p>We provide you with an overview of the legal situation and show you how you can guarantee the security of the processing of personal data with the help of technical organisational measures. Whether it's purchases in an online shop or video surveillance - any processing of personal data must be protected by appropriate technical and organisational measures.<\/p>\n<p>In the following article you will learn which technical and organisational measures you should implement and what you should pay attention to when implementing them.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-prf4s4-2d28aecb37c5ab142aa707131e0d37a9\">\n#top .av-special-heading.av-prf4s4-2d28aecb37c5ab142aa707131e0d37a9{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-prf4s4-2d28aecb37c5ab142aa707131e0d37a9 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-prf4s4-2d28aecb37c5ab142aa707131e0d37a9 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-prf4s4-2d28aecb37c5ab142aa707131e0d37a9 av-special-heading-h2 blockquote modern-quote  avia-builder-el-7  el_after_av_textblock  el_before_av_hr'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Most important information about Technical Organisational Measures<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kdu4eeyn-eb3f32c0008bb0ef46b2ec5ca7bda5fa\">\n#top .hr.hr-invisible.av-kdu4eeyn-eb3f32c0008bb0ef46b2ec5ca7bda5fa{\nheight:30px;\n}\n<\/style>\n<div  class='hr av-kdu4eeyn-eb3f32c0008bb0ef46b2ec5ca7bda5fa hr-invisible  avia-builder-el-8  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kiipug5e-9fb40f37d4a3507a9adb6100183fdb62'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><ul>\n<li style=\"font-size: 20px;\">Technical-organisational measures are measures described in the GDPR which are intended to ensure the protection of personal data.<\/li>\n<li style=\"font-size: 20px;\">Technical-organisational measures are abbreviated as \"TOM\" or \"TOMs\".<\/li>\n<li style=\"font-size: 20px;\">Since the entry into force of the <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/general-data-protection-regulation-eu-gdpr\">GDPR<\/a> 2018, are the ones listed in the <a href=\"https:\/\/help.robin-data.io\/bdsg\" target=\"_blank\" rel=\"noopener\">BDSG.<\/a> measures described are no longer applicable, instead in <a href=\"https:\/\/help.robin-data.io\/artikel-32-dsgvo\" target=\"_blank\" rel=\"noopener\">Article 32 of the GDPR<\/a> Technical-organisational measures listed in categories<\/li>\n<li style=\"font-size: 20px;\">TOMs also serve as proof of compliance with the GDPR, which is why written documentation is mandatory (stipulated in Art. <a href=\"https:\/\/help.robin-data.io\/artikel-24-dsgvo\" target=\"_blank\" rel=\"noopener\">24 Para. 1 GDPR<\/a>)<\/li>\n<\/ul>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kdu4eeyn-70-d158b8c6ab866370edc4d98797d01fbe\">\n#top .hr.hr-invisible.av-kdu4eeyn-70-d158b8c6ab866370edc4d98797d01fbe{\nheight:30px;\n}\n<\/style>\n<div  class='hr av-kdu4eeyn-70-d158b8c6ab866370edc4d98797d01fbe hr-invisible  avia-builder-el-10  el_after_av_textblock  avia-builder-el-last'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><\/p><\/div>\n<div class='flex_column_table av-lw9umk-33703d3362028b1aa2ff3515470fd277 sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-33703d3362028b1aa2ff3515470fd277\">\n.flex_column.av-lw9umk-33703d3362028b1aa2ff3515470fd277{\nborder-radius:0px 0px 0px 0px;\npadding:25px 25px 25px 25px;\nbackground-color:#f7f7f7;\n}\n<\/style>\n<div  id=\"uebersicht\"  class='flex_column av-lw9umk-33703d3362028b1aa2ff3515470fd277 av_one_full  avia-builder-el-11  el_after_av_one_full  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><section  class='av_textblock_section av-kiipug5e-69-43f6dfa3989decb1182dadf93e711d42'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h2>Content on the topic of Technical Organisational Measures:<\/h2>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kiiw1urp-f82fc44e508e0c8df422181a3e9aff06\">\n#top .avia-icon-list-container.av-kiiw1urp-f82fc44e508e0c8df422181a3e9aff06 .iconlist_icon{\ncolor:#127db3;\nfont-size:20px;\n}\n#top .avia-icon-list-container.av-kiiw1urp-f82fc44e508e0c8df422181a3e9aff06 .iconlist_icon svg:first-child{\nstroke:#127db3;\nfill:#127db3;\nheight:20px;\nwidth:20px;\n}\n#top #wrap_all .avia-icon-list-container.av-kiiw1urp-f82fc44e508e0c8df422181a3e9aff06 .av_iconlist_title{\nfont-size:20px;\n}\n<\/style>\n<div  class='avia-icon-list-container av-kiiw1urp-f82fc44e508e0c8df422181a3e9aff06  avia-builder-el-13  el_after_av_textblock  el_before_av_hr'><ul class='avia-icon-list avia_animate_when_almost_visible avia-icon-list-left av-iconlist-small av-kiiw1urp-f82fc44e508e0c8df422181a3e9aff06 avia-iconlist-animate'>\n<li><div class='iconlist_icon av-1teplas-b3abe2c3e11fed3668b83a7345b995d4 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#toms-unterschied&#039; title=&#039;Technical and organisational measures - What is the difference?&#039;&gt;Technical and organisational measures - What is the difference?&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#toms-unterschied' title='Technical and organisational measures - What is the difference?'>Technical and organisational measures - What is the difference?<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-3hmoes-ff557f3cbafd0b270bb6aef4e2a7e4a8 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#toms-zweck&#039; title=&#039;What are the purposes of technical organisational measures? &#039;&gt;What are the purposes of technical organisational measures? &lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#toms-zweck' title='What are the purposes of technical organisational measures? '>What are the purposes of technical organisational measures? <\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-n838l0-17d00ea4d62bcb0ac3a0df28c8a83085 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#toms-rechtliche-entwicklung&#039; title=&#039;Legal development of technical organisational measures&#039;&gt;Legal development of technical organisational measures&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#toms-rechtliche-entwicklung' title='Legal development of technical organisational measures'>Legal development of technical organisational measures<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-19c5xjo-9d907c6de14cad8ded5c6b00d5e1eba3 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#bedeutung-toms-unternehmen&#039; title=&#039;What do TOMs mean for companies?&#039;&gt;What do TOMs mean for companies?&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#bedeutung-toms-unternehmen' title='What do TOMs mean for companies?'>What do TOMs mean for companies?<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-1cnh76c-91c5e17a1934be45a636ef3616e757a7 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#toms-auswahlkriterien&#039; title=&#039;What must technical organisational measures contain according to the GDPR?&#039;&gt;What must technical organisational measures contain according to the GDPR?&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#toms-auswahlkriterien' title='What must technical organisational measures contain according to the GDPR?'>What must technical organisational measures contain according to the GDPR?<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-rowf2s-5a12dcfec806a2b67523b1d1efbf346a avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#dsgvo-konforme-umsetzung-toms&#039; title=&#039;Structure and systematisation of TOMs&#039;&gt;Structure and systematisation of TOMs&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#dsgvo-konforme-umsetzung-toms' title='Structure and systematisation of TOMs'>Structure and systematisation of TOMs<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><ul>\n<li><a href=\"#toms-vertraulichkeit\">Confidentiality<\/a><\/li>\n<li><a href=\"#toms-integritaet\">Integrity<\/a><\/li>\n<li><a href=\"#toms-verfuegbarkeit\">Availability and resilience<\/a><\/li>\n<li><a href=\"#toms-ueberpruefung\">Procedures for regular review, assessment and evaluation<\/a><\/li>\n<li><a href=\"#toms-datenschutzfreundliche-voreinstellungen\">Privacy-friendly preferences<\/a><\/li>\n<\/ul>\n<\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-1m2s4tw-8e2b6887a9ad36cdb5deb9d57979c652 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#praktische-umsetzung-toms&#039; title=&#039;Practical procedure for the creation of technical organisational measures in the company&#039;&gt;Practical procedure for the creation of technical organisational measures in the company&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#praktische-umsetzung-toms' title='Practical procedure for the creation of technical organisational measures in the company'>Practical procedure for the creation of technical organisational measures in the company<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-117livo-3942d976b56c373fe75c8294ed36ffb8 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#verhaeltnismaessigkeitsprinzip&#039; title=&#039;What is the proportionality principle?&#039;&gt;What is the proportionality principle?&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#verhaeltnismaessigkeitsprinzip' title='What is the proportionality principle?'>What is the proportionality principle?<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-35bg7n8-a1a06bff1c73d4cc9958850d9683da49 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#umsetzung-schritte&#039; title=&#039;In 8 steps to implementation&#039;&gt;In 8 steps to implementation&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#umsetzung-schritte' title='In 8 steps to implementation'>In 8 steps to implementation<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-w5tvw4-5d932a2d5edd24c1b013e0ba94f8b77b avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#toms-beispiele&#039; title=&#039;Examples of technical organisational measures&#039;&gt;Examples of technical organisational measures&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#toms-beispiele' title='Examples of technical organisational measures'>Examples of technical organisational measures<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-1aj5ff8-ac8de7e7ad3c1450fe0897de0649dc76 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#checkliste&#039; title=&#039;Whitepaper with checklist, samples, templates and examples as PDF&#039;&gt;Whitepaper with checklist, samples, templates and examples as PDF&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#checkliste' title='Whitepaper with checklist, samples, templates and examples as PDF'>Whitepaper with checklist, samples, templates and examples as PDF<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-tpaq8k-7cfeb08c4305c90b02df79c3103a48fa avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#toms-hilfe-bei-umsetzung&#039; title=&#039;Who can support the implementation of the technical and organisational measures? &#039;&gt;Who can support the implementation of the technical and organisational measures? &lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#toms-hilfe-bei-umsetzung' title='Who can support the implementation of the technical and organisational measures? '>Who can support the implementation of the technical and organisational measures? <\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-rof9sk-2c9af6d0fd36d716a41da04ea836ade8 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#toms-dokumentation-mit-robin-data&#039; title=&#039;Implementation and documentation of the technical organisational measures with the Robin Data Software&#039;&gt;Implementation and documentation of the technical organisational measures with the Robin Data Software&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#toms-dokumentation-mit-robin-data' title='Implementation and documentation of the technical organisational measures with the Robin Data Software'>Implementation and documentation of the technical organisational measures with the Robin Data Software<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-o7t8vo-719996e2775792228d9ab573ea8b902c avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#hack&#039; title=&#039;Robin Data Hack: Necessary TOMs and the derivation for practice&#039;&gt;Robin Data Hack: Necessary TOMs and the derivation for practice&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#hack' title='Robin Data Hack: Necessary TOMs and the derivation for practice'>Robin Data Hack: Necessary TOMs and the derivation for practice<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<li><div class='iconlist_icon av-o7t8vo-66-f1054b51042f5527250a39f7f7f4e4a5 avia-font-fontello avia-iconfont avia-font-fontello'><span class='av-icon-char' data-av_icon='\ue806' data-av_iconfont='fontello' aria-hidden=\"true\"><\/span><\/div><article class=\"article-icon-entry av-iconlist-empty\"  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class=\"iconlist_content_wrap\"><header class=\"entry-content-header\" aria-label=\"Icon: &lt;a href=&#039;#toms-verstoss-folgen&#039; title=&#039;Consequences of a data protection breach in the area of technical organisational measures?&#039;&gt;Consequences of a data protection breach in the area of technical organisational measures?&lt;\/a&gt;\"><div class='av_iconlist_title iconlist_title_small'  itemprop=\"headline\" ><a href='#toms-verstoss-folgen' title='Consequences of a data protection breach in the area of technical organisational measures?'>Consequences of a data protection breach in the area of technical organisational measures?<\/a><\/div><\/header><div class='iconlist_content'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><div class=\"iconlist-timeline\"><\/div><\/li>\n<\/ul><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kdu4eeyn-68-1ccc2c5ea7b1387e606fa5b67388674b\">\n#top .hr.hr-invisible.av-kdu4eeyn-68-1ccc2c5ea7b1387e606fa5b67388674b{\nheight:30px;\n}\n<\/style>\n<div  class='hr av-kdu4eeyn-68-1ccc2c5ea7b1387e606fa5b67388674b hr-invisible  avia-builder-el-14  el_after_av_iconlist  avia-builder-el-last'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-67-8a8b387aae1f2144d2f364a948ce2aed sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-67-8a8b387aae1f2144d2f364a948ce2aed\">\n.flex_column.av-lw9umk-67-8a8b387aae1f2144d2f364a948ce2aed{\nborder-radius:0px 0px 0px 0px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"toms-unterschied\"  class='flex_column av-lw9umk-67-8a8b387aae1f2144d2f364a948ce2aed av_one_full  avia-builder-el-15  el_after_av_one_full  el_before_av_one_half  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-27q2ej8-f25d902f3ffe402c0f5808321260a4c0\">\n#top .av-special-heading.av-27q2ej8-f25d902f3ffe402c0f5808321260a4c0{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-27q2ej8-f25d902f3ffe402c0f5808321260a4c0 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-27q2ej8-f25d902f3ffe402c0f5808321260a4c0 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-27q2ej8-f25d902f3ffe402c0f5808321260a4c0 av-special-heading-h2 blockquote modern-quote  avia-builder-el-16  el_before_av_hr  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Technical and organisational measures - What is the difference?<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-71-326782c06d85e2ee1ba2788f4f02c70c\">\n#top .hr.hr-invisible.av-kowwomk5-71-326782c06d85e2ee1ba2788f4f02c70c{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-71-326782c06d85e2ee1ba2788f4f02c70c hr-invisible  avia-builder-el-17  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-b34a21796e94b3c0e298574fae408691'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>Technical measures include any protection of data processing security that can be realized by physical measures or in software and hardware. Organizational measures in the sense of the <a href=\"https:\/\/help.robin-data.io\/artikel-32-dsgvo\" target=\"_blank\" rel=\"noopener\">Article 32 GDPR<\/a> include measures that involve the implementation of instructions, policies and procedures for employees to ensure the security of the processing of personal data.<\/p>\n<\/div><\/section><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-64-f4ffa740f2b4edcb0080564dbed6e76a sc-av_one_half av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-64-f4ffa740f2b4edcb0080564dbed6e76a\">\n.flex_column.av-lw9umk-64-f4ffa740f2b4edcb0080564dbed6e76a{\nborder-radius:0px 0px 0px 0px;\npadding:25px 25px 25px 25px;\n}\n<\/style>\n<div  id=\"toms-unterschied\"  class='flex_column av-lw9umk-64-f4ffa740f2b4edcb0080564dbed6e76a av_one_half  avia-builder-el-19  el_after_av_one_full  el_before_av_one_half  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowv4bcd-963a4bc16c2d7c08fe3735f4519fc42b\">\n.iconbox.av-kowv4bcd-963a4bc16c2d7c08fe3735f4519fc42b .iconbox_icon{\ncolor:#00b3bd;\n}\n.iconbox.av-kowv4bcd-963a4bc16c2d7c08fe3735f4519fc42b .iconbox_icon.avia-svg-icon svg:first-child{\nfill:#00b3bd;\nstroke:#00b3bd;\n}\n<\/style>\n<article  class='iconbox iconbox_left_content av-kowv4bcd-963a4bc16c2d7c08fe3735f4519fc42b av-icon-style-no-border  avia-builder-el-20  el_before_av_textblock  avia-builder-el-first'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='iconbox_icon heading-color avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue855' data-av_iconfont='entypo-fontello'  ><\/div><div class=\"iconbox_content\"><header class=\"entry-content-header\" aria-label=\"Icon: Examples of technical measures\"><h3 class='iconbox_content_title'  itemprop=\"headline\" >Examples of technical measures<\/h3><\/header><div class='iconbox_content_container'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><br \/>\n<section  class='av_textblock_section av-kowjxivi-62-087b383c6d7e3ddad34c52b61d5aabeb'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><ul>\n<li>Use of a firewall<\/li>\n<li>Encryption of data carriers and data transfers<\/li>\n<li>Pseudonymisation and encryption of personal data<\/li>\n<li>Installation of an alarm system<\/li>\n<li>Structural protection of buildings\/premises<\/li>\n<li>Defaults for the password complexity of users (<a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/passwordless-authentication-over-fido2\">FIDO-2<\/a>)<\/li>\n<\/ul>\n<\/div><\/section><\/p><\/div>\n<div class='av-flex-placeholder'><\/div>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-61-f351791ede349c89f7501629ac1f803a\">\n.flex_column.av-lw9umk-61-f351791ede349c89f7501629ac1f803a{\nborder-radius:0px 0px 0px 0px;\npadding:25px 25px 25px 25px;\n}\n<\/style>\n<div  id=\"toms-unterschied\"  class='flex_column av-lw9umk-61-f351791ede349c89f7501629ac1f803a av_one_half  avia-builder-el-22  el_after_av_one_half  el_before_av_one_full  flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowv4bcd-60-b86f1dcc4762f43c151caad0e8343069\">\n.iconbox.av-kowv4bcd-60-b86f1dcc4762f43c151caad0e8343069 .iconbox_icon{\ncolor:#00b3bd;\n}\n.iconbox.av-kowv4bcd-60-b86f1dcc4762f43c151caad0e8343069 .iconbox_icon.avia-svg-icon svg:first-child{\nfill:#00b3bd;\nstroke:#00b3bd;\n}\n<\/style>\n<article  class='iconbox iconbox_left_content av-kowv4bcd-60-b86f1dcc4762f43c151caad0e8343069 av-icon-style-no-border  avia-builder-el-23  el_before_av_textblock  avia-builder-el-first'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='iconbox_icon heading-color avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue80b' data-av_iconfont='entypo-fontello'  ><\/div><div class=\"iconbox_content\"><header class=\"entry-content-header\" aria-label=\"Icon: Examples of organisational measures\"><h3 class='iconbox_content_title'  itemprop=\"headline\" >Examples of organisational measures<\/h3><\/header><div class='iconbox_content_container'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><br \/>\n<section  class='av_textblock_section av-kowjxivi-59-e1d0ecef2ea9369673a493804a46c204'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><ul>\n<li>Employee training on data protection<\/li>\n<li>Visitor registration<\/li>\n<li>Data protection compliant disposal of documents with personal data (DIN 66399)<\/li>\n<\/ul>\n<\/div><\/section><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-58-e74690c7c7c75af7e8c591f6ccd28b87 sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-58-e74690c7c7c75af7e8c591f6ccd28b87\">\n.flex_column.av-lw9umk-58-e74690c7c7c75af7e8c591f6ccd28b87{\nborder-radius:0px 0px 0px 0px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"bedeutung-toms-unternehmen\"  class='flex_column av-lw9umk-58-e74690c7c7c75af7e8c591f6ccd28b87 av_one_full  avia-builder-el-25  el_after_av_one_half  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwpacb-9b9571c8b617598d30961319c9795654\">\n#top .av-special-heading.av-kowwpacb-9b9571c8b617598d30961319c9795654{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-kowwpacb-9b9571c8b617598d30961319c9795654 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-kowwpacb-9b9571c8b617598d30961319c9795654 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"toms-zweck\"  class='av-special-heading av-kowwpacb-9b9571c8b617598d30961319c9795654 av-special-heading-h2 blockquote modern-quote  avia-builder-el-26  el_before_av_hr  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >What are the purposes of technical organisational measures? <\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-63-2f4336e5479c48b31f6bd8e41cc37530\">\n#top .hr.hr-invisible.av-kowwomk5-63-2f4336e5479c48b31f6bd8e41cc37530{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-63-2f4336e5479c48b31f6bd8e41cc37530 hr-invisible  avia-builder-el-27  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-57-7335c9b4e9c8f98175e8ce1a77c76be3'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>Technical organizational measures are assigned to the area of data security and serve the purpose of comprehensively protecting personal data in accordance with the latest state of the art. Before you can define suitable TOMs for your company, you must first carry out a risk analysis or a risk assessment. <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-impact-assessment-2\">Data Protection Impact Assessment (DPIA)<\/a> for the processing activities of your company. Once you have identified potential risks for processed personal data, you can adequately protect them through the use of TOMs.<\/p>\n<\/div><\/section><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-56-b0898ed21df7d9b5555f431e2f75a06f sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-56-b0898ed21df7d9b5555f431e2f75a06f\">\n.flex_column.av-lw9umk-56-b0898ed21df7d9b5555f431e2f75a06f{\nborder-radius:0px 0px 0px 0px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"toms-rechtliche-entwicklung\"  class='flex_column av-lw9umk-56-b0898ed21df7d9b5555f431e2f75a06f av_one_full  avia-builder-el-29  el_after_av_one_full  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwpg52-5009079b0e2e478da6c20cfaaf0cfdd0\">\n#top .av-special-heading.av-kowwpg52-5009079b0e2e478da6c20cfaaf0cfdd0{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-kowwpg52-5009079b0e2e478da6c20cfaaf0cfdd0 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-kowwpg52-5009079b0e2e478da6c20cfaaf0cfdd0 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-kowwpg52-5009079b0e2e478da6c20cfaaf0cfdd0 av-special-heading-h2 blockquote modern-quote  avia-builder-el-30  el_before_av_hr  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Legal development of technical organisational measures<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-55-dae89d09ca2e82fdcaa855dba5905800\">\n#top .hr.hr-invisible.av-kowwomk5-55-dae89d09ca2e82fdcaa855dba5905800{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-55-dae89d09ca2e82fdcaa855dba5905800 hr-invisible  avia-builder-el-31  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-54-1bf1743f4256cff684c174212810839f'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>The old regulations in the BDSG were more of a catalogue of requirements that had to be worked through in order to comply with the law. The new regulations, however, see the TOMs much more as a <strong>Criterion<\/strong> in the comprehensive risk assessment to be carried out. On the one hand, this opens up new approaches to the definition of appropriate measures. On the other hand, however, it increases the concrete scope of the assessment to be carried out by the competent authority. <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-officer-gdpr\">Data Protection Officer<\/a>.<\/p>\n<\/div><\/section><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-53-e61600ee24f3d53ef6d4fd1613f6af86 sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-53-e61600ee24f3d53ef6d4fd1613f6af86\">\n.flex_column.av-lw9umk-53-e61600ee24f3d53ef6d4fd1613f6af86{\nborder-radius:20px 20px 20px 20px;\npadding:25px 25px 25px 25px;\nbackground-color:rgba(18,125,179,0.15);\n}\n<\/style>\n<div  id=\"toms-unterschied\"  class='flex_column av-lw9umk-53-e61600ee24f3d53ef6d4fd1613f6af86 av_one_full  avia-builder-el-33  el_after_av_one_full  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><section  class='av_textblock_section av-kowjxivi-51-c19f1060978d4a37bf8a6621489cf2a3'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>\u00a7 9 BDSG - old<\/p>\n<p><strong>Technical and organisational measures<\/strong><\/p>\n<p>1 Public and non-public bodies that collect, process or use personal data themselves or on their behalf shall take the technical and organisational measures required to ensure the implementation of the provisions of this Act, in particular the requirements specified in the Annex to this Act.<\/p>\n<p>2 Measures are only necessary if their cost is proportionate to the protective purpose sought.<\/p>\n<\/div><\/section><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-50-278f252f53fc64c630fba30c406c696e sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-50-278f252f53fc64c630fba30c406c696e\">\n.flex_column.av-lw9umk-50-278f252f53fc64c630fba30c406c696e{\nborder-radius:20px 20px 20px 20px;\npadding:25px 25px 25px 25px;\nbackground-color:rgba(18,125,179,0.15);\n}\n<\/style>\n<div  id=\"toms-unterschied\"  class='flex_column av-lw9umk-50-278f252f53fc64c630fba30c406c696e av_one_full  avia-builder-el-35  el_after_av_one_full  el_before_av_hr  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><section  class='av_textblock_section av-kowjxivi-49-017417b484fd1463f8c76ea45a5f36ab'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>Article 32 GDPR<\/p>\n<p><strong>Safety of processing<\/strong><\/p>\n<p>(1. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, the controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.<strong> adequate level of protection<\/strong> These measures shall include, but not be limited to, the following, as appropriate: [...]<\/p>\n<\/div><\/section><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kdu4eeyn-65-80fce7b26b6da91d3399db9c8054bad5\">\n#top .hr.hr-invisible.av-kdu4eeyn-65-80fce7b26b6da91d3399db9c8054bad5{\nheight:30px;\n}\n<\/style>\n<div  class='hr av-kdu4eeyn-65-80fce7b26b6da91d3399db9c8054bad5 hr-invisible  avia-builder-el-37  el_after_av_one_full  el_before_av_notification'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div>\n<div id='avia-messagebox-' class='avia_message_box av_notification av-kowly8ky-8cb958fada9ec13a0c947e858f79fee2 avia-color-blue avia-size-large avia-icon_select-yes avia-border-  avia-builder-el-38  el_after_av_hr  el_before_av_one_full' ><span class='avia_message_box_title' >Note<\/span><div class=\"avia_message_box_content\"><span class='avia_message_box_icon avia-iconfont avia-font-entypo-fontello' data-av_icon='\ue81f' data-av_iconfont='entypo-fontello' ><\/span><p>The GDPR has replaced the BDSG in its form. As a result, the BDSG has been revised and serves more as a supplement to the GDPR. Art. 32 GDPR lists technical and organisational measures.<\/p>\n<\/div><\/div>\n<div class='flex_column_table av-lw9umk-48-4d25bf65cccdf69310dbcfdb13f0f182 sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-48-4d25bf65cccdf69310dbcfdb13f0f182\">\n.flex_column.av-lw9umk-48-4d25bf65cccdf69310dbcfdb13f0f182{\nborder-radius:0px 0px 0px 0px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"bedeutung-toms-unternehmen\"  class='flex_column av-lw9umk-48-4d25bf65cccdf69310dbcfdb13f0f182 av_one_full  avia-builder-el-39  el_after_av_notification  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-m5os2c-aa58ba656616050478f5a3d5f472e79a\">\n#top .av-special-heading.av-m5os2c-aa58ba656616050478f5a3d5f472e79a{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-m5os2c-aa58ba656616050478f5a3d5f472e79a .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-m5os2c-aa58ba656616050478f5a3d5f472e79a .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"toms-auswahlkriterien\"  class='av-special-heading av-m5os2c-aa58ba656616050478f5a3d5f472e79a av-special-heading-h2  avia-builder-el-40  el_before_av_hr  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >What must technical organisational measures contain according to the GDPR?<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kdu4eeyn-46-f175b5337ff8745fe456a2553116baf5\">\n#top .hr.hr-invisible.av-kdu4eeyn-46-f175b5337ff8745fe456a2553116baf5{\nheight:30px;\n}\n<\/style>\n<div  class='hr av-kdu4eeyn-46-f175b5337ff8745fe456a2553116baf5 hr-invisible  avia-builder-el-41  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-47-6d03c635ce4a3fc1d1ed80a295b3fd41'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>The Technical Organisational Measures ensure an adequate level of protection in accordance with the GDPR if they contain the following:<\/p>\n<ul>\n<li>the <strong>pseudonymisation and encryption<\/strong> of personal data;<\/li>\n<li>the ability to ensure <strong>confidentiality, integrity, availability and resilience<\/strong> of the systems and services related to the processing on a permanent basis;<\/li>\n<li>the ability to ensure the availability of and access to personal data in the event of a <strong>a physical or technical incident<\/strong>;<\/li>\n<li>a procedure for the regular <strong>review, assessment and evaluation<\/strong> of the effectiveness of technical and organisational measures to ensure the security of processing.<\/li>\n<\/ul>\n<p>In doing so, controllers and clients must take into account the state of the art, implementation costs, the severity and likelihood of occurrence of the (potential) risk, the rights and freedoms of data subjects, and the nature, scope, circumstances and purposes of the processing.<\/p>\n<p>Based on these criteria, each company must develop its own catalogue of measures specifically adapted to the company. It should be noted that measures based on the criteria must be permanently reviewed, adapted and updated.<\/p>\n<\/div><\/section><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-13hp778-cb2f6ed406ba45417e098a50ef43208f\">\n.flex_column.av-13hp778-cb2f6ed406ba45417e098a50ef43208f{\npadding:35px 25px 30px 25px;\nbackground-color:#01064a;\nbackground:linear-gradient( to top right, #01064a, #00b3bd );\n}\n<\/style>\n<div  class='flex_column av-13hp778-cb2f6ed406ba45417e098a50ef43208f av_one_full  avia-builder-el-43  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><section  class='av_textblock_section av-loihpswy-003380dcd274b78c76fa9d922404796a'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p style=\"color: #ffffff;\">In the <strong><a href=\"https:\/\/www.robin-data.io\/en\/complianceos\" target=\"_blank\" rel=\"noopener noreferrer\">Robin Data ComplianceOS\u00ae <\/a><\/strong>you will be shown suitable TOMs based on your industry and can easily import them into your digital data protection documentation.<\/p>\n<\/div><\/section><br \/>\n<div  class='avia-button-wrap av-loihqd34-b3ce3da8e1858cb2dd6cb58c947bcfea-wrap avia-button-left  avia-builder-el-45  el_after_av_textblock  avia-builder-el-last'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-loihqd34-b3ce3da8e1858cb2dd6cb58c947bcfea\">\n#top #wrap_all .avia-button.av-loihqd34-b3ce3da8e1858cb2dd6cb58c947bcfea{\nbackground-color:#00b3bd;\nborder-color:#00b3bd;\ncolor:#ffffff;\nborder-radius:1px 1px 1px 1px;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all .avia-button.av-loihqd34-b3ce3da8e1858cb2dd6cb58c947bcfea:hover{\nbackground-color:white;\ncolor:#00b3bd;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all.avia-button.av-loihqd34-b3ce3da8e1858cb2dd6cb58c947bcfea:hover .avia_button_background{\nborder-radius:1px 1px 1px 1px;\n}\n#top #wrap_all .avia-button.av-loihqd34-b3ce3da8e1858cb2dd6cb58c947bcfea .avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n#top #wrap_all .avia-button.av-loihqd34-b3ce3da8e1858cb2dd6cb58c947bcfea:hover .avia-svg-icon svg:first-child{\nfill:#00b3bd;\nstroke:#00b3bd;\n}\n<\/style>\n<a href='https:\/\/www.robin-data.io\/en\/technical-organisational-measures'  class='avia-button av-loihqd34-b3ce3da8e1858cb2dd6cb58c947bcfea av-link-btn avia-icon_select-no avia-size-large avia-position-left'   aria-label=\"Learn more about the TOMs\"><span class='avia_iconbox_title' >Learn more about the TOMs<\/span><\/a><\/div><\/p><\/div>\n<div class='flex_column_table av-lw9umk-45-47bf29a9382eefe8280ab6c096933895 sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-45-47bf29a9382eefe8280ab6c096933895\">\n.flex_column.av-lw9umk-45-47bf29a9382eefe8280ab6c096933895{\nborder-radius:0px 0px 0px 0px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"bedeutung-toms-unternehmen\"  class='flex_column av-lw9umk-45-47bf29a9382eefe8280ab6c096933895 av_one_full  avia-builder-el-46  el_after_av_one_full  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwpqn8-fb37231da0533217ee863e534dd53281\">\n#top .av-special-heading.av-kowwpqn8-fb37231da0533217ee863e534dd53281{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-kowwpqn8-fb37231da0533217ee863e534dd53281 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-kowwpqn8-fb37231da0533217ee863e534dd53281 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-kowwpqn8-fb37231da0533217ee863e534dd53281 av-special-heading-h2 blockquote modern-quote  avia-builder-el-47  el_before_av_hr  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >What do TOMs mean for companies?<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-52-a470eaf99de4198533872da2caab802c\">\n#top .hr.hr-invisible.av-kowwomk5-52-a470eaf99de4198533872da2caab802c{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-52-a470eaf99de4198533872da2caab802c hr-invisible  avia-builder-el-48  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-44-978a57dacfa819758eb795ae9f187bd2'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>With the entry into force of the <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/general-data-protection-regulation-eu-gdpr\">GDPR<\/a> the safety of the processing <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/personal-data\">personal data<\/a> expanded and with it the <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/documentation-obligation-gdpr\">documentation and verification obligations<\/a>. If companies process, collect or store particularly sensitive and personal data, they are obliged to implement TOM.<\/p>\n<p>All measures taken to protect the data must be documented in order to be able to prove precise records of the precautions taken in the event of damage. If technical and organisational measures are <strong>carefully documented and implemented<\/strong> your company benefits in many ways. This is how you protect your company from<strong> fines and loss of reputation.<\/strong>In addition, sensitive company data and business secrets are also protected.<\/p>\n<\/div><\/section><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-43-88ae304d817b373b4dcef45689497622 sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-43-88ae304d817b373b4dcef45689497622\">\n.flex_column.av-lw9umk-43-88ae304d817b373b4dcef45689497622{\nborder-radius:0px 0px 0px 0px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"dsgvo-konforme-umsetzung-toms\"  class='flex_column av-lw9umk-43-88ae304d817b373b4dcef45689497622 av_one_full  avia-builder-el-50  el_after_av_one_full  el_before_av_one_half  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwpx3e-91ea91c055955c5d2ceadc340364d559\">\n#top .av-special-heading.av-kowwpx3e-91ea91c055955c5d2ceadc340364d559{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-kowwpx3e-91ea91c055955c5d2ceadc340364d559 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-kowwpx3e-91ea91c055955c5d2ceadc340364d559 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-kowwpx3e-91ea91c055955c5d2ceadc340364d559 av-special-heading-h2 blockquote modern-quote  avia-builder-el-51  el_before_av_hr  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Structure and systematisation<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-42-658d0238b138910566a9b55ebe3027a6\">\n#top .hr.hr-invisible.av-kowwomk5-42-658d0238b138910566a9b55ebe3027a6{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-42-658d0238b138910566a9b55ebe3027a6 hr-invisible  avia-builder-el-52  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-41-d0a1900ff056632c9740c2dc13fcbbdb'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>With the entry into force of the GDPR, the security of the processing of personal data has been expanded and with it the documentation and verification obligations. The General Data Protection Regulation remains rather vague when it comes to a concrete definition of technical organisational measures. In purely schematic terms, the following systematisation patterns can be compared for the definition of TOM:<\/p>\n<\/div><\/section><br \/>\n<section  class='av_textblock_section av-kowjxivi-38-21fcd60af1f6e8938183d87e3b450b77'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h4><br class=\"avia-permanent-lb\" \/>Classic structure of TOM according to <span style=\"color: #127db3;\">old model<\/span>: <br class=\"avia-permanent-lb\" \/><br class=\"avia-permanent-lb\" \/><\/h4>\n<ul>\n<li>Measures for access control of data processing centres<\/li>\n<li>Measures for access control of data processing systems<\/li>\n<li>Measures for access control of personal data in data processing systems<\/li>\n<li>Measures of transfer control<\/li>\n<li>Measures of order control<\/li>\n<li>Measures of availability control<\/li>\n<li>Measures to implement the separation requirement<\/li>\n<\/ul>\n<h4 class=\"translation-block\"><br class=\"avia-permanent-lb\">In contrast, the following structure is predominantly chosen <span style=\"color: #00b3bd\">uniformly today<\/span> :<\/h4>\n<\/div><\/section><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-40-f5d36facfdd36c2fba9d0c3bede92f92 sc-av_one_half av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-40-f5d36facfdd36c2fba9d0c3bede92f92\">\n.flex_column.av-lw9umk-40-f5d36facfdd36c2fba9d0c3bede92f92{\nborder-radius:5px 5px 5px 5px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  id=\"dsgvo-konforme-umsetzung-toms\"  class='flex_column av-lw9umk-40-f5d36facfdd36c2fba9d0c3bede92f92 av_one_half  avia-builder-el-55  el_after_av_one_full  el_before_av_one_half  first flex_column_table_cell av-equal-height-column av-align-top av-zero-column-padding  column-top-margin'     ><section  id=\"toms-vertraulichkeit\"  class='av_textblock_section av-kowjxivi-37-92366cf92b6016666b4b21ec5d3a30e9'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h4>Confidentiality<\/h4>\n<ul>\n<li>Measures for access control of data processing centres<\/li>\n<li>Measures for access control of data processing systems<\/li>\n<li>Measures for access control of personal data in data processing systems<\/li>\n<li>Measures of separation control<\/li>\n<li>Pseudonymisation measures<\/li>\n<\/ul>\n<p><a href=\"https:\/\/help.robin-data.io\/artikel-32-dsgvo\" target=\"_blank\" rel=\"noopener\">Defined in Art. 32 (1) a) and b) GDPR<\/a><\/p>\n<\/div><\/section><\/div>\n<div class='av-flex-placeholder'><\/div>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-36-b22c52d95444fc4f502270d7faa6ee45\">\n.flex_column.av-lw9umk-36-b22c52d95444fc4f502270d7faa6ee45{\nborder-radius:0px 0px 0px 0px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"dsgvo-konforme-umsetzung-toms\"  class='flex_column av-lw9umk-36-b22c52d95444fc4f502270d7faa6ee45 av_one_half  avia-builder-el-57  el_after_av_one_half  el_before_av_one_half  flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><section  id=\"toms-integritaet\"  class='av_textblock_section av-kowjxivi-35-1bfcb7ca9118f11ae176aedda07ee236'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h4>Integrity<\/h4>\n<ul>\n<li>Measures of transfer control<\/li>\n<li>Input control measures<\/li>\n<\/ul>\n<p><a href=\"https:\/\/help.robin-data.io\/artikel-32-dsgvo\" target=\"_blank\" rel=\"noopener\">Defined in Art. 32 (1) b) GDPR<\/a><\/p>\n<\/div><\/section><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-34-62021c1e3eeba3aba1974f91311597c4 sc-av_one_half av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-34-62021c1e3eeba3aba1974f91311597c4\">\n.flex_column.av-lw9umk-34-62021c1e3eeba3aba1974f91311597c4{\nborder-radius:5px 5px 5px 5px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"dsgvo-konforme-umsetzung-toms\"  class='flex_column av-lw9umk-34-62021c1e3eeba3aba1974f91311597c4 av_one_half  avia-builder-el-59  el_after_av_one_half  el_before_av_one_half  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><section  id=\"toms-ueberpruefung\"  class='av_textblock_section av-kowjxivi-33-d4968bbdbe3810e48e672f532548986e'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h4>Procedures for regular review, assessment and evaluation<\/h4>\n<ul>\n<li>Data Protection Management<\/li>\n<li>Incident Response Management<\/li>\n<li>Order control<\/li>\n<\/ul>\n<p>Defined in <a href=\"https:\/\/help.robin-data.io\/artikel-32-dsgvo\" target=\"_blank\" rel=\"noopener\">Art. 32 para. 1 lit. d GDPR<\/a> and the <a href=\"https:\/\/help.robin-data.io\/artikel-25-dsgvo\" target=\"_blank\" rel=\"noopener\">Art. 25 para. 1 GDPR<\/a><\/p>\n<\/div><\/section><\/div>\n<div class='av-flex-placeholder'><\/div>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-32-c8f8d9608e55c1efa3a844a27b8bfdd9\">\n.flex_column.av-lw9umk-32-c8f8d9608e55c1efa3a844a27b8bfdd9{\nborder-radius:px px px px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"dsgvo-konforme-umsetzung-toms\"  class='flex_column av-lw9umk-32-c8f8d9608e55c1efa3a844a27b8bfdd9 av_one_half  avia-builder-el-61  el_after_av_one_half  el_before_av_one_full  flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><section  id=\"toms-verfuegbarkeit\"  class='av_textblock_section av-kowjxivi-31-7c0e12f0c96d2d54c96f2e66609bcfaa'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h4>Availability and resilience<\/h4>\n<ul>\n<li>Availability control<\/li>\n<\/ul>\n<p><a href=\"https:\/\/help.robin-data.io\/artikel-32-dsgvo\" target=\"_blank\" rel=\"noopener\">Defined in Art. 32. para. 1 lit. b) GDPR<\/a><\/p>\n<\/div><\/section><br \/>\n<section  id=\"toms-datenschutzfreundliche-voreinstellungen\"  class='av_textblock_section av-kowjxivi-29-961720a20356feaf1b5ed1b2ad36ceb7'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h4>Privacy friendly preferences<\/h4>\n<ul>\n<li>Privacy by design \/ Privacy by default<\/li>\n<\/ul>\n<p>Defined in <a href=\"https:\/\/help.robin-data.io\/artikel-25-dsgvo\" target=\"_blank\" rel=\"noopener\">Art. 25 (2) GDPR<\/a><\/p>\n<\/div><\/section><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-30-beb2d6e2b71367f8470e63ccd6a324c2 sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-30-beb2d6e2b71367f8470e63ccd6a324c2\">\n.flex_column.av-lw9umk-30-beb2d6e2b71367f8470e63ccd6a324c2{\nborder-radius:5px 5px 5px 5px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"praktische-umsetzung-toms\"  class='flex_column av-lw9umk-30-beb2d6e2b71367f8470e63ccd6a324c2 av_one_full  avia-builder-el-64  el_after_av_one_half  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-1qufej8-2bc91e2f9a8705acbc91c4e6e5c920f2\">\n#top .av-special-heading.av-1qufej8-2bc91e2f9a8705acbc91c4e6e5c920f2{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-1qufej8-2bc91e2f9a8705acbc91c4e6e5c920f2 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-1qufej8-2bc91e2f9a8705acbc91c4e6e5c920f2 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"toms-verstoss-folgen\"  class='av-special-heading av-1qufej8-2bc91e2f9a8705acbc91c4e6e5c920f2 av-special-heading-h2 blockquote modern-quote  avia-builder-el-65  el_before_av_hr  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Practical procedure for the creation of technical organisational measures in the company<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-39-31ab560cd274a547607c1ecff53625b5\">\n#top .hr.hr-invisible.av-kowwomk5-39-31ab560cd274a547607c1ecff53625b5{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-39-31ab560cd274a547607c1ecff53625b5 hr-invisible  avia-builder-el-66  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-28-a3f04d8b02a8a2b247905295c41b3de5'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>An important part of the implementation of the Technical Organisational Measures is the documentation of the implemented TOMs. However, it should not be forgotten that the documentation of the measures is only a partial step.<\/p>\n<p>TOMs serve the purpose of comprehensively protecting personal data in accordance with the latest state of the art. Before you can define suitable TOMs for your company, you must first carry out a risk analysis or a risk assessment. <a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/data-protection-impact-assessment-2\">Data Protection Impact Assessment (DPIA)<\/a> for the processing activities of your company. Only the interaction with the specific processing activities will show whether the individual protection measures can be sufficient to ensure the necessary level of security.<\/p>\n<p>Each company must therefore develop its own catalogue of measures specifically adapted to the company. It should be noted that measures must be permanently reviewed, adapted and updated on the basis of the criteria. In purely practical terms, it is therefore advisable to differentiate according to the specific processing scenarios when drafting the TOM.<\/p>\n<h4>The following systematisation can be recommended:<\/h4>\n<ul>\n<li>A representation of the TOMs that concerns all techniques that are applied throughout the enterprise and are likely to affect all processing operations.<\/li>\n<li>Individual specific measures, which are assigned to them in the context of the concrete processing activities.<\/li>\n<li>(Optional) A representation containing only the measures relevant in processing relationships.<\/li>\n<\/ul>\n<p>The subsequent risk assessment should also usefully take place in the context of the processing registers, taking into account both the information provided in the \"General\" TOM and the additional measures of the specific processing operations.<\/p>\n<p>Furthermore, it must be ensured that the organisational measures taken do not merely exist on paper, but that the necessary instructions under labour law are effectively taken vis-\u00e0-vis the employees. Only such measures can be considered effective.<\/p>\n<\/div><\/section><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-1leysms-b6486ab6520650722b6a3d5f593b262e\">\n.flex_column.av-1leysms-b6486ab6520650722b6a3d5f593b262e{\npadding:35px 25px 30px 25px;\nbackground-color:#01064a;\nbackground:linear-gradient( to top right, #01064a, #00b3bd );\n}\n<\/style>\n<div  class='flex_column av-1leysms-b6486ab6520650722b6a3d5f593b262e av_one_full  avia-builder-el-68  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><section  class='av_textblock_section av-z7qi5w-1d064f95f0b536ad4856aa58a850e047'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p style=\"font-size: 20px;\"><strong style=\"color: #ffffff;\">Implement your organisation's TOMs with Robin Data<\/strong><\/p>\n<p><span style=\"color: #ffffff;\"> Let ComplianceOS\u00ae Compliance Field Data Protection guide you through all the requirements of the GDPR. Starting with the implementation of the register of processing activities, the identification of necessary data protection impact assessments, the implementation of <strong style=\"color: #ffffff;\">technical organisational measures<\/strong> through to the fulfilment of documentation obligations, Robin Data always provides you with the right tools. Start by booking a short introductory meeting with us.<\/span><\/p>\n<\/div><\/section><br \/>\n<div  class='avia-button-wrap av-ojhcc4-7181b67aee2c1edcf53d1a1257cb1daf-wrap avia-button-left  avia-builder-el-70  el_after_av_textblock  avia-builder-el-last'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-ojhcc4-7181b67aee2c1edcf53d1a1257cb1daf\">\n#top #wrap_all .avia-button.av-ojhcc4-7181b67aee2c1edcf53d1a1257cb1daf{\nbackground-color:#00b3bd;\nborder-color:#00b3bd;\ncolor:#ffffff;\nborder-radius:1px 1px 1px 1px;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all .avia-button.av-ojhcc4-7181b67aee2c1edcf53d1a1257cb1daf:hover{\nbackground-color:white;\ncolor:#00b3bd;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all.avia-button.av-ojhcc4-7181b67aee2c1edcf53d1a1257cb1daf:hover .avia_button_background{\nborder-radius:1px 1px 1px 1px;\n}\n#top #wrap_all .avia-button.av-ojhcc4-7181b67aee2c1edcf53d1a1257cb1daf .avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n#top #wrap_all .avia-button.av-ojhcc4-7181b67aee2c1edcf53d1a1257cb1daf:hover .avia-svg-icon svg:first-child{\nfill:#00b3bd;\nstroke:#00b3bd;\n}\n<\/style>\n<a href='https:\/\/www.robin-data.io\/en\/events\/demo\/#anmeldung'  class='avia-button av-ojhcc4-7181b67aee2c1edcf53d1a1257cb1daf av-link-btn avia-icon_select-no avia-size-large avia-position-left'   aria-label=\"Schedule a meeting\"><span class='avia_iconbox_title' >Schedule a meeting<\/span><\/a><\/div><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-ky8p0rog-3b474f936ab9fd9116694cc3ad037202\">\n.flex_column.av-ky8p0rog-3b474f936ab9fd9116694cc3ad037202{\npadding:35px 25px 30px 25px;\n}\n<\/style>\n<div  class='flex_column av-ky8p0rog-3b474f936ab9fd9116694cc3ad037202 av_one_full  avia-builder-el-71  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-1b3xgfo-6443be1f3c7c38db46e49026084f8b95\">\n#top .av-special-heading.av-1b3xgfo-6443be1f3c7c38db46e49026084f8b95{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-1b3xgfo-6443be1f3c7c38db46e49026084f8b95 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-1b3xgfo-6443be1f3c7c38db46e49026084f8b95 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"verhaeltnismaessigkeitsprinzip\"  class='av-special-heading av-1b3xgfo-6443be1f3c7c38db46e49026084f8b95 av-special-heading-h2 blockquote modern-quote  avia-builder-el-72  el_before_av_hr  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >What is the proportionality principle?<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-26-5e29e4a914450d9e3ecd3064ef6c9301\">\n#top .hr.hr-invisible.av-kowwomk5-26-5e29e4a914450d9e3ecd3064ef6c9301{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-26-5e29e4a914450d9e3ecd3064ef6c9301 hr-invisible  avia-builder-el-73  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-25-e35a9f8474b4d19047bdba2df902d842'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>Article 32 of the GDPR states that the implementation costs of the technical and organisational measures must be taken into account in order to ensure a level of protection appropriate to the risk. By taking into account the economic adequacy, the TOM projects may be somewhat limited and, for example, the TOM of a small company may meet different standards than the TOM of a large corporation.<\/p>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kp3sis5r-4c486318ab97e0d34ebc40afce558f8c\">\n#top .av-special-heading.av-kp3sis5r-4c486318ab97e0d34ebc40afce558f8c{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-kp3sis5r-4c486318ab97e0d34ebc40afce558f8c .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-kp3sis5r-4c486318ab97e0d34ebc40afce558f8c .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"umsetzung-schritte\"  class='av-special-heading av-kp3sis5r-4c486318ab97e0d34ebc40afce558f8c av-special-heading-h2 blockquote modern-quote  avia-builder-el-75  el_after_av_textblock  el_before_av_hr'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Eight steps to implementation<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-24-53389cdbf7d6a0993023a0c19d5e19ba\">\n#top .hr.hr-invisible.av-kowwomk5-24-53389cdbf7d6a0993023a0c19d5e19ba{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-24-53389cdbf7d6a0993023a0c19d5e19ba hr-invisible  avia-builder-el-76  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-23-22ed66372068b73e70ebc4044b6b2f88'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>The process for selecting appropriate security measures, or \"ZAWAS\" for short, was drawn up by the LfD Lower Saxony and comprises the following steps:<\/p>\n<ol>\n<li style=\"font-size: 20px;\">Describe processing activity<\/li>\n<li style=\"font-size: 20px;\">Check legal basis<\/li>\n<li style=\"font-size: 20px;\">Perform structural analysis<\/li>\n<li style=\"font-size: 20px;\">Conduct a risk assessment<\/li>\n<li style=\"font-size: 20px;\">Select measures<\/li>\n<li style=\"font-size: 20px;\">Evaluate residual risk<\/li>\n<li style=\"font-size: 20px;\">Consolidate measures<\/li>\n<li style=\"font-size: 20px;\">Implement measures<\/li>\n<\/ol>\n<p>The ZAWAS principle of the LfD Lower Saxony is a practical orientation for data protection officers who have an overview of the processing activities of their company. After implementing the measures, however, the step of data protection documentation should follow in order to comply with the documentation and verification obligations of the GDPR and to be meaningful in the event of an audit.<\/p>\n<\/div><\/section><\/p><\/div>\n<div class='flex_column_table av-lw9umk-27-817f625a3472dabc084de04ea28f0d09 sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-27-817f625a3472dabc084de04ea28f0d09\">\n.flex_column.av-lw9umk-27-817f625a3472dabc084de04ea28f0d09{\nborder-radius:0px 0px 0px 0px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"toms-beispiele\"  class='flex_column av-lw9umk-27-817f625a3472dabc084de04ea28f0d09 av_one_full  avia-builder-el-78  el_after_av_one_full  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-po0yms-e09037c047ed5d1d564bce1764ebae23\">\n#top .av-special-heading.av-po0yms-e09037c047ed5d1d564bce1764ebae23{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-po0yms-e09037c047ed5d1d564bce1764ebae23 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-po0yms-e09037c047ed5d1d564bce1764ebae23 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"toms-verstoss-folgen\"  class='av-special-heading av-po0yms-e09037c047ed5d1d564bce1764ebae23 av-special-heading-h2 blockquote modern-quote  avia-builder-el-79  el_before_av_hr  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Examples of technical organisational measures<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-22-1cb0ea0d05cebc895d4b1369a10234c1\">\n#top .hr.hr-invisible.av-kowwomk5-22-1cb0ea0d05cebc895d4b1369a10234c1{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-22-1cb0ea0d05cebc895d4b1369a10234c1 hr-invisible  avia-builder-el-80  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-21-f9ad984d07f759b29513b9d6e1974b74'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><ul>\n<li>Locking systems with code locks<\/li>\n<li>Chip cards for locked areas<\/li>\n<li>Access barriers secured with biometric features<\/li>\n<li>Data protection compliant video surveillance<\/li>\n<li>Secure firewall<\/li>\n<li>Anti-virus software<\/li>\n<li>Locking USB ports and other external interfaces<\/li>\n<li>Locking of device housings<\/li>\n<li>Authentication via password entry or biometric scans<\/li>\n<li>Security locks<\/li>\n<li>Logging of access to applications and processes such as data destruction<\/li>\n<li>Data protection compliant destruction of data carriers (files, drives etc.)<\/li>\n<li>Encryption of data carriers and mobile devices<\/li>\n<\/ul>\n<\/div><\/section><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-20-613fcdb0cb1aa40fbf11b30b2f122c54 sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-20-613fcdb0cb1aa40fbf11b30b2f122c54\">\n.flex_column.av-lw9umk-20-613fcdb0cb1aa40fbf11b30b2f122c54{\nborder-radius:0px 0px 0px 0px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"toms-unterschied\"  class='flex_column av-lw9umk-20-613fcdb0cb1aa40fbf11b30b2f122c54 av_one_full  avia-builder-el-82  el_after_av_one_full  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-jmaqpg-f99fe9459182cf5b55037d2317d7660c\">\n#top .av-special-heading.av-jmaqpg-f99fe9459182cf5b55037d2317d7660c{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-jmaqpg-f99fe9459182cf5b55037d2317d7660c .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-jmaqpg-f99fe9459182cf5b55037d2317d7660c .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"checkliste\"  class='av-special-heading av-jmaqpg-f99fe9459182cf5b55037d2317d7660c av-special-heading-h2 blockquote modern-quote  avia-builder-el-83  el_before_av_image  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Whitepaper with checklist, samples, templates and examples as PDF<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kp3xh687-550dfbe096240e0bcea21c78231bf933\">\n.avia-image-container.av-kp3xh687-550dfbe096240e0bcea21c78231bf933 img.avia_image{\nbox-shadow:none;\n}\n.avia-image-container.av-kp3xh687-550dfbe096240e0bcea21c78231bf933 .av-image-caption-overlay-center{\ncolor:#ffffff;\n}\n<\/style>\n<div  class='avia-image-container av-kp3xh687-550dfbe096240e0bcea21c78231bf933 av-styling- avia-align-left  avia-builder-el-84  el_after_av_heading  el_before_av_hr  tp_de2'   itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" ><div class=\"avia-image-container-inner\"><div class=\"avia-image-overlay-wrap\"><img decoding=\"async\" fetchpriority=\"high\" class='wp-image-10457 avia-img-lazy-loading-not-10457 avia_image' src=\"https:\/\/media.robin-data.io\/2021\/05\/25125809\/Cover-Whitepaper-TOMs-1030x429.png\" alt='TOM checklist, samples, templates and examples as PDF. Contents are listed in the following text.' title='Cover whitepaper TOMs'  height=\"429\" width=\"1030\"  itemprop=\"thumbnailUrl\" srcset=\"https:\/\/media.robin-data.io\/2021\/05\/25125809\/Cover-Whitepaper-TOMs-1030x429.png 1030w, https:\/\/media.robin-data.io\/2021\/05\/25125809\/Cover-Whitepaper-TOMs-300x125.png 300w, https:\/\/media.robin-data.io\/2021\/05\/25125809\/Cover-Whitepaper-TOMs-768x320.png 768w, https:\/\/media.robin-data.io\/2021\/05\/25125809\/Cover-Whitepaper-TOMs-18x7.png 18w, https:\/\/media.robin-data.io\/2021\/05\/25125809\/Cover-Whitepaper-TOMs-705x293.png 705w, https:\/\/media.robin-data.io\/2021\/05\/25125809\/Cover-Whitepaper-TOMs.png 1110w\" sizes=\"(max-width: 1030px) 100vw, 1030px\" \/><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-19-1e500a790f373924dc6a5862cbfeec85\">\n#top .hr.hr-invisible.av-kowwomk5-19-1e500a790f373924dc6a5862cbfeec85{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-19-1e500a790f373924dc6a5862cbfeec85 hr-invisible  avia-builder-el-85  el_after_av_image  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-18-bc3a261c397ba6863663e14e024eafc4'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p style=\"font-size: 20px; color: #00b3bd;\">In the whitepaper on Technical Organisational Measures you will find:<\/p>\n<ul>\n<li><strong>43 Examples\u00a0<\/strong>for TOMs divided into confidentiality, integrity and other categories<\/li>\n<li>12\u00a0<strong>ready-made examples<\/strong>\u00a0for your data protection documentation<\/li>\n<li>Each\u00a0<strong>Examples of technical AND organisational<\/strong>\u00a0measures<\/li>\n<li><strong>Checklist to tick off\u00a0<\/strong>the TOMs for your company<\/li>\n<li>References to\u00a0<strong>background information and relevant legal basis<\/strong><\/li>\n<\/ul>\n<\/div><\/section><br \/>\n<br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-otjkgk-b470b330ea543b078980495e2404cf87\">\n.avia_message_box.av-otjkgk-b470b330ea543b078980495e2404cf87{\nbackground-color:rgba(244,150,0,0.3);\ncolor:#303440;\n}\n.avia_message_box.av-otjkgk-b470b330ea543b078980495e2404cf87 .avia_message_box_icon.avia-svg-icon svg:first-child{\nfill:#303440;\nstroke:#303440;\n}\n<\/style>\n<div id='avia-messagebox-' class='avia_message_box av_notification av-otjkgk-b470b330ea543b078980495e2404cf87 avia-color-custom avia-size-large avia-icon_select-no avia-border-  avia-builder-el-88  el_after_av_codeblock  avia-builder-el-last  tp_en2' ><div class=\"avia_message_box_content\"><p>Unfortunately this content is currently only available in German. Please feel free to <a href=\"https:\/\/www.robin-data.io\/en\/contact#formular\">contact us<\/a> for more information.<\/p>\n<\/div><\/div><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-17-52a2ef1c59fd76c65fe75b738bb0ac0f sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-17-52a2ef1c59fd76c65fe75b738bb0ac0f\">\n.flex_column.av-lw9umk-17-52a2ef1c59fd76c65fe75b738bb0ac0f{\nborder-radius:0px 0px 0px 0px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"dsgvo-konforme-umsetzung-toms\"  class='flex_column av-lw9umk-17-52a2ef1c59fd76c65fe75b738bb0ac0f av_one_full  avia-builder-el-89  el_after_av_one_full  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwqzl2-2b5595823144dc318ceadabd2c100b18\">\n#top .av-special-heading.av-kowwqzl2-2b5595823144dc318ceadabd2c100b18{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-kowwqzl2-2b5595823144dc318ceadabd2c100b18 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-kowwqzl2-2b5595823144dc318ceadabd2c100b18 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"toms-hilfe-bei-umsetzung\"  class='av-special-heading av-kowwqzl2-2b5595823144dc318ceadabd2c100b18 av-special-heading-h2 blockquote modern-quote  avia-builder-el-90  el_before_av_hr  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Who can support the implementation of the technical and organisational measures? <\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-16-f35483ddbffac66081b5f06014ab8a75\">\n#top .hr.hr-invisible.av-kowwomk5-16-f35483ddbffac66081b5f06014ab8a75{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-16-f35483ddbffac66081b5f06014ab8a75 hr-invisible  avia-builder-el-91  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-15-32a3ca04ec20d48a6b2aa7eafdafac82'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p class=\"translation-block\">Generally responsible for data protection in a company is the management, which usually delegates this task internally or appoints an external <strong>data protection officer<\/strong>. Successful data protection always requires cross-departmental cooperation, especially with regard to TOMs, since contacts from the <strong>IT department<\/strong> have the best overview of technical details and technical implementation. But colleagues from the <strong>Human Resources<\/strong> department must also be involved, because employees must be trained to deal with established TOMs. In turn, <strong>department heads<\/strong> can provide support in this task.<\/p>\n<\/div><\/section><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-14-f78e32531d9e8407aebb8f4e8c41c2f8 sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-14-f78e32531d9e8407aebb8f4e8c41c2f8\">\n.flex_column.av-lw9umk-14-f78e32531d9e8407aebb8f4e8c41c2f8{\nborder-radius:0px 0px 0px 0px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"toms-dokumentation-mit-robin-data\"  class='flex_column av-lw9umk-14-f78e32531d9e8407aebb8f4e8c41c2f8 av_one_full  avia-builder-el-93  el_after_av_one_full  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwr6qv-97567a2eda57762c705bbeb113083e29\">\n#top .av-special-heading.av-kowwr6qv-97567a2eda57762c705bbeb113083e29{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-kowwr6qv-97567a2eda57762c705bbeb113083e29 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-kowwr6qv-97567a2eda57762c705bbeb113083e29 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"toms-hilfe-bei-umsetzung\"  class='av-special-heading av-kowwr6qv-97567a2eda57762c705bbeb113083e29 av-special-heading-h2 blockquote modern-quote  avia-builder-el-94  el_before_av_hr  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Implementation and documentation of the technical organisational measures with the Robin Data Software<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-13-90e3d2e8235895010e4217cb8270ccc4\">\n#top .hr.hr-invisible.av-kowwomk5-13-90e3d2e8235895010e4217cb8270ccc4{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-13-90e3d2e8235895010e4217cb8270ccc4 hr-invisible  avia-builder-el-95  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-12-954284f82075da07738382305387f8d2'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>If you are interested in the implementation and documentation of the Technical Organisational Measures with the Robin Data ComplianceOS\u00ae, you can download the individual <a href=\"https:\/\/help.robin-data.io\/technisch-organisatorische-massnahmen\" target=\"_blank\" rel=\"noopener\">articles in our Help Center<\/a> or book <a href=\"https:\/\/www.robin-data.io\/en\/events\/#demo\">free initial meetings<\/a> book.<\/p>\n<\/div><\/section><br \/>\n<\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-11-bcb2c0618d9fa2aea325315251285930 sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-11-bcb2c0618d9fa2aea325315251285930\">\n.flex_column.av-lw9umk-11-bcb2c0618d9fa2aea325315251285930{\nborder-radius:5px 5px 5px 5px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  id=\"dsgvo-konforme-umsetzung-toms\"  class='flex_column av-lw9umk-11-bcb2c0618d9fa2aea325315251285930 av_one_full  avia-builder-el-98  el_after_av_one_full  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top av-zero-column-padding  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwrca8-7e5e227d60e77d02afa58eb5dac40ad1\">\n#top .av-special-heading.av-kowwrca8-7e5e227d60e77d02afa58eb5dac40ad1{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-kowwrca8-7e5e227d60e77d02afa58eb5dac40ad1 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-kowwrca8-7e5e227d60e77d02afa58eb5dac40ad1 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"toms-verstoss-folgen\"  class='av-special-heading av-kowwrca8-7e5e227d60e77d02afa58eb5dac40ad1 av-special-heading-h2 blockquote modern-quote  avia-builder-el-99  el_before_av_hr  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >What are the consequences of a data protection breach?<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-10-e212613c27619fc100a7eafc7ddcb675\">\n#top .hr.hr-invisible.av-kowwomk5-10-e212613c27619fc100a7eafc7ddcb675{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-10-e212613c27619fc100a7eafc7ddcb675 hr-invisible  avia-builder-el-100  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-9-58451070f1dfafa9368963d048841e2f'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>A breach of data protection law in the area of Technical Organisational Measures is described in <a href=\"https:\/\/help.robin-data.io\/artikel-5-dsgvo\" target=\"_blank\" rel=\"noopener\">Art. 5 para. 1 of the GDPR<\/a> defined as a breach of integrity and confidentiality. Controllers thus violate the principles of data processing and must, in accordance with <a href=\"https:\/\/help.robin-data.io\/artikel-83-dsgvo\" target=\"_blank\" rel=\"noopener\">Art. 83 (5) GDPR<\/a> face fines of up to \u20ac20 million or 4% of turnover.<\/p>\n<p>If the precautions taken turn out to be inadequate in the course of a data breach, companies run a high risk. In such a case, the <a href=\"https:\/\/help.robin-data.io\/artikel-83-dsgvo\" target=\"_blank\" rel=\"noopener\">GDPR Art. 83 Par. 4<\/a> fines of up to \u20ac10 million or 2% of turnover.<\/p>\n<p>The amount of the fine incurred is determined by certain criteria: Type, severity and duration of a violation as well as the associated consequences. Measures taken (TOMs) are also used to determine the amount. The documentation of the technical and organisational measures taken is therefore an essential part of the process.<strong> legal protection<\/strong> which may reduce the amount of the fine.<\/p>\n<\/div><\/section><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-lw9umk-8-4a9a132fd564e54830450260bae8a21c sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-lw9umk-8-4a9a132fd564e54830450260bae8a21c\">\n.flex_column.av-lw9umk-8-4a9a132fd564e54830450260bae8a21c{\nborder-radius:0px 0px 0px 0px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"dsgvo-konforme-umsetzung-toms\"  class='flex_column av-lw9umk-8-4a9a132fd564e54830450260bae8a21c av_one_full  avia-builder-el-102  el_after_av_one_full  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-jzxkgk-fefa50a7731e5fa754770ff6a3e8327e\">\n#top .av-special-heading.av-jzxkgk-fefa50a7731e5fa754770ff6a3e8327e{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-jzxkgk-fefa50a7731e5fa754770ff6a3e8327e .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-jzxkgk-fefa50a7731e5fa754770ff6a3e8327e .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  id=\"toms-verstoss-folgen\"  class='av-special-heading av-jzxkgk-fefa50a7731e5fa754770ff6a3e8327e av-special-heading-h2 blockquote modern-quote  avia-builder-el-103  el_before_av_hr  avia-builder-el-first'><h2 class='av-special-heading-tag'  itemprop=\"headline\"  >Conclusion: TOMs must be adapted to the requirements of the company<\/h2><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kowwomk5-7-30264a322c00b33201e43061e1c15d56\">\n#top .hr.hr-invisible.av-kowwomk5-7-30264a322c00b33201e43061e1c15d56{\nheight:10px;\n}\n<\/style>\n<div  class='hr av-kowwomk5-7-30264a322c00b33201e43061e1c15d56 hr-invisible  avia-builder-el-104  el_after_av_heading  el_before_av_textblock'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<section  class='av_textblock_section av-kowjxivi-6-782761f93e945bfa0bc956d718d5b06d'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p>Security in the processing of personal data in accordance with Article 32 of the GDPR is an essential component for ensuring data protection within a company. The technical organisational measures play a central role in this.<\/p>\n<p>Not only are risks identified for the company internally and corporate security strengthened, but your customers in particular benefit from the GDPR-compliant implementation of the TOMs. Companies of all sizes are required to carefully implement and document the technical organisational measures.<\/p>\n<p>Digital solutions, checklists, guidelines from the supervisory authorities and data protection officers can help here.<\/p>\n<\/div><\/section><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n<div class='flex_column_table av-3xcysz8-44f175fbdd8230a4a6ffb2729c589b6a sc-av_one_full av-equal-height-column-flextable'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-3xcysz8-44f175fbdd8230a4a6ffb2729c589b6a\">\n.flex_column.av-3xcysz8-44f175fbdd8230a4a6ffb2729c589b6a{\nborder-radius:0px 0px 0px 0px;\npadding:5px 5px 5px 5px;\n}\n<\/style>\n<div  id=\"faq\"  class='flex_column av-3xcysz8-44f175fbdd8230a4a6ffb2729c589b6a av_one_full  avia-builder-el-106  el_after_av_one_full  el_before_av_one_full  first flex_column_table_cell av-equal-height-column av-align-top  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-3mi80no-c91864e73f1f0cbe5d6be4c241a282c4\">\n#top .av-special-heading.av-3mi80no-c91864e73f1f0cbe5d6be4c241a282c4{\npadding-bottom:10px;\n}\nbody .av-special-heading.av-3mi80no-c91864e73f1f0cbe5d6be4c241a282c4 .av-special-heading-tag .heading-char{\nfont-size:25px;\n}\n.av-special-heading.av-3mi80no-c91864e73f1f0cbe5d6be4c241a282c4 .av-subheading{\nfont-size:15px;\n}\n<\/style>\n<div  class='av-special-heading av-3mi80no-c91864e73f1f0cbe5d6be4c241a282c4 av-special-heading-h3 blockquote modern-quote  avia-builder-el-107  el_before_av_toggle_container  avia-builder-el-first'><h3 class='av-special-heading-tag'  itemprop=\"headline\"  >FAQ<\/h3><div class=\"special-heading-border\"><div class=\"special-heading-inner-border\"><\/div><\/div><\/div><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-365xltg-333ab02bbd7431151dae25646754c4d5\">\n#top .togglecontainer.av-365xltg-333ab02bbd7431151dae25646754c4d5 p.toggler{\ncolor:#303440;\nbackground-color:#f7f7f7;\nborder-color:#ffffff;\n}\n#top .togglecontainer.av-365xltg-333ab02bbd7431151dae25646754c4d5 p.toggler.activeTitle{\ncolor:#127db3;\nborder-color:#127db3;\n}\n#top .togglecontainer.av-365xltg-333ab02bbd7431151dae25646754c4d5 p.toggler:not(.activeTitle):hover{\ncolor:#ffffff;\nbackground-color:#127db3;\n}\n#top .togglecontainer.av-365xltg-333ab02bbd7431151dae25646754c4d5 p.toggler:not(.activeTitle):hover .toggle_icon, #top .togglecontainer.av-365xltg-333ab02bbd7431151dae25646754c4d5 p.toggler:not(.activeTitle):hover .toggle_icon *{\nborder-color:#ffffff !important;\n}\n#top .togglecontainer.av-365xltg-333ab02bbd7431151dae25646754c4d5 p.toggler .toggle_icon{\ncolor:#303440;\nborder-color:#303440;\n}\n#top .togglecontainer.av-365xltg-333ab02bbd7431151dae25646754c4d5 .toggle_wrap .toggle_content{\ncolor:#303440;\nbackground-color:#f7f7f7;\nborder-color:#ffffff;\n}\n<\/style>\n<div  class='togglecontainer av-365xltg-333ab02bbd7431151dae25646754c4d5 av-elegant-toggle  avia-builder-el-108  el_after_av_heading  avia-builder-el-last  toggle_close_all hasCurrentStyle'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/FAQPage\" >\n<section class='av_toggle_section av-2n4cyqc-928c669e2493a05a84ed94b64f9b47a2'  itemscope=\"itemscope\" itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" ><div role=\"tablist\" class=\"single_toggle\" data-tags=\"{All} \"  ><p id='toggle-toggle-id-1' data-fake-id='#toggle-id-1' class='toggler  av-title-above av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"name\"  role='tab' tabindex='0' aria-controls='toggle-id-1' data-slide-speed=\"200\" data-title=\"Was bedeutet TOM? \" data-title-open=\"\" data-aria_collapsed=\"Click to expand: Was bedeutet TOM? \" data-aria_expanded=\"Click to collapse: Was bedeutet TOM? \">What does TOM mean? <span class=\"toggle_icon\"><span class=\"vert_icon\"><\/span><span class=\"hor_icon\"><\/span><\/span><\/p><div id='toggle-id-1' aria-labelledby='toggle-toggle-id-1' role='region' class='toggle_wrap  av-title-above'   itemscope=\"itemscope\" itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\" ><div class='toggle_content invers-color av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"text\" ><p>Technical-organisational measures are also abbreviated as \"TOM\" or \"TOMs\".<\/p>\n<\/div><\/div><\/div><\/section>\n<section class='av_toggle_section av-1x8yfys-9d2ad87dd0809b0a36a73f44b125fb7b'  itemscope=\"itemscope\" itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" ><div role=\"tablist\" class=\"single_toggle\" data-tags=\"{All} \"  ><p id='toggle-toggle-id-2' data-fake-id='#toggle-id-2' class='toggler  av-title-above av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"name\"  role='tab' tabindex='0' aria-controls='toggle-id-2' data-slide-speed=\"200\" data-title=\"Was sind technische und organisatorische Ma\u00dfnahmen DSGVO? \" data-title-open=\"\" data-aria_collapsed=\"Click to expand: Was sind technische und organisatorische Ma\u00dfnahmen DSGVO? \" data-aria_expanded=\"Click to collapse: Was sind technische und organisatorische Ma\u00dfnahmen DSGVO? \">What are technical and organisational measures GDPR? <span class=\"toggle_icon\"><span class=\"vert_icon\"><\/span><span class=\"hor_icon\"><\/span><\/span><\/p><div id='toggle-id-2' aria-labelledby='toggle-toggle-id-2' role='region' class='toggle_wrap  av-title-above'   itemscope=\"itemscope\" itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\" ><div class='toggle_content invers-color av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"text\" ><p>Technical-organisational measures are measures described in the GDPR which are intended to ensure the protection of personal data.<\/p>\n<\/div><\/div><\/div><\/section>\n<section class='av_toggle_section av-5nx6gk-5f1bb7b2d1278199c827b7aed6f5162a'  itemscope=\"itemscope\" itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" ><div role=\"tablist\" class=\"single_toggle\" data-tags=\"{All} \"  ><p id='toggle-toggle-id-3' data-fake-id='#toggle-id-3' class='toggler  av-title-above av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"name\"  role='tab' tabindex='0' aria-controls='toggle-id-3' data-slide-speed=\"200\" data-title=\"Was sind organisatorische Ma\u00dfnahmen DSGVO?\" data-title-open=\"\" data-aria_collapsed=\"Click to expand: Was sind organisatorische Ma\u00dfnahmen DSGVO?\" data-aria_expanded=\"Click to collapse: Was sind organisatorische Ma\u00dfnahmen DSGVO?\">What are organisational measures GDPR?<span class=\"toggle_icon\"><span class=\"vert_icon\"><\/span><span class=\"hor_icon\"><\/span><\/span><\/p><div id='toggle-id-3' aria-labelledby='toggle-toggle-id-3' role='region' class='toggle_wrap  av-title-above'   itemscope=\"itemscope\" itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\" ><div class='toggle_content invers-color av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"text\" ><p>Organisational measures within the meaning of Art. 32 GDPR include measures that involve the implementation of instructions, policies and procedures for employees to ensure the security of the processing of personal data.<\/p>\n<\/div><\/div><\/div><\/section>\n<section class='av_toggle_section av-12izmms-9f85a50db76c7cefd96541a8920517e4'  itemscope=\"itemscope\" itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" ><div role=\"tablist\" class=\"single_toggle\" data-tags=\"{All} \"  ><p id='toggle-toggle-id-4' data-fake-id='#toggle-id-4' class='toggler  av-title-above av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"name\"  role='tab' tabindex='0' aria-controls='toggle-id-4' data-slide-speed=\"200\" data-title=\"Wann sind TOMs im Sinne des Art. 32 DSGVO erforderlich? \" data-title-open=\"\" data-aria_collapsed=\"Click to expand: Wann sind TOMs im Sinne des Art. 32 DSGVO erforderlich? \" data-aria_expanded=\"Click to collapse: Wann sind TOMs im Sinne des Art. 32 DSGVO erforderlich? \">When are TOMs required within the meaning of Art. 32 GDPR? <span class=\"toggle_icon\"><span class=\"vert_icon\"><\/span><span class=\"hor_icon\"><\/span><\/span><\/p><div id='toggle-id-4' aria-labelledby='toggle-toggle-id-4' role='region' class='toggle_wrap  av-title-above'   itemscope=\"itemscope\" itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\" ><div class='toggle_content invers-color av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"text\" ><p>Public and non-public bodies that collect, process or use personal data are obliged to ensure technical and organisational measures. According to Art. 32 GDPR, companies must take technical and organisational measures to ensure an adequate level of protection, taking into account the state of the art, the costs of implementation, the purposes of the processing and the likelihood or severity of the risks to the data subjects.<\/p>\n<\/div><\/div><\/div><\/section>\n<section class='av_toggle_section av-pesqr8-72d32d44a44a099c2e8b832410f51e8a'  itemscope=\"itemscope\" itemprop=\"mainEntity\" itemtype=\"https:\/\/schema.org\/Question\" ><div role=\"tablist\" class=\"single_toggle\" data-tags=\"{All} \"  ><p id='toggle-toggle-id-5' data-fake-id='#toggle-id-5' class='toggler  av-title-above av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"name\"  role='tab' tabindex='0' aria-controls='toggle-id-5' data-slide-speed=\"200\" data-title=\"Welche technischen und organisatorischen Schutzma\u00dfnahmen bei personenbezogenen Daten sind gem\u00e4\u00df BDSG gemeint? \" data-title-open=\"\" data-aria_collapsed=\"Click to expand: Welche technischen und organisatorischen Schutzma\u00dfnahmen bei personenbezogenen Daten sind gem\u00e4\u00df BDSG gemeint? \" data-aria_expanded=\"Click to collapse: Welche technischen und organisatorischen Schutzma\u00dfnahmen bei personenbezogenen Daten sind gem\u00e4\u00df BDSG gemeint? \">Which technical and organisational protection measures for personal data are meant according to the BDSG? <span class=\"toggle_icon\"><span class=\"vert_icon\"><\/span><span class=\"hor_icon\"><\/span><\/span><\/p><div id='toggle-id-5' aria-labelledby='toggle-toggle-id-5' role='region' class='toggle_wrap  av-title-above'   itemscope=\"itemscope\" itemprop=\"acceptedAnswer\" itemtype=\"https:\/\/schema.org\/Answer\" ><div class='toggle_content invers-color av-inherit-font-color hasCustomColor av-inherit-border-color'  itemprop=\"text\" ><p>According to \u00a7 9 BDSG, the following protective measures are meant. Technical measures are measures that can be implemented physically, such as alarm systems, firewalls and pseudonymisation of personal data. Organisational measures, on the other hand, are implemented through instructions and procedures, such as visitor registration, staff training or the dual control principle.<\/p>\n<\/div><\/div><\/div><\/section>\n<\/div><\/p><\/div><\/div><!--close column table wrapper. Autoclose: 1 -->\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-l862pg-4345a18b6d3896c28a44fd26f56beae7\">\n.flex_column.av-l862pg-4345a18b6d3896c28a44fd26f56beae7{\npadding:35px 25px 30px 25px;\nbackground-color:#01064a;\nbackground:linear-gradient( to top right, #01064a, #00b3bd );\n}\n<\/style>\n<div  class='flex_column av-l862pg-4345a18b6d3896c28a44fd26f56beae7 av_one_full  avia-builder-el-109  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-loihry7d-dd9d1e337e078058d09dd4bd6b67b6ad\">\n.iconbox.av-loihry7d-dd9d1e337e078058d09dd4bd6b67b6ad .iconbox_icon{\ncolor:#ffffff;\n}\n.iconbox.av-loihry7d-dd9d1e337e078058d09dd4bd6b67b6ad .iconbox_icon.avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n#top #wrap_all .iconbox.av-loihry7d-dd9d1e337e078058d09dd4bd6b67b6ad .iconbox_content_title{\ncolor:#ffffff;\n}\n.iconbox.av-loihry7d-dd9d1e337e078058d09dd4bd6b67b6ad .iconbox_content_container{\ncolor:#ffffff;\n}\n<\/style>\n<article  class='iconbox iconbox_left_content av-loihry7d-dd9d1e337e078058d09dd4bd6b67b6ad av-icon-style-no-border  avia-builder-el-110  el_before_av_textblock  avia-builder-el-first'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='iconbox_icon heading-color avia-iconfont avia-font-complianceos' data-av_icon='\ue908' data-av_iconfont='complianceos'  ><\/div><div class=\"iconbox_content\"><header class=\"entry-content-header\" aria-label=\"Icon: Robin Data ComplianceOS\u00ae field Data protection\"><h3 class='iconbox_content_title'  itemprop=\"headline\" >Robin Data ComplianceOS\u00ae Field Data protection<\/h3><\/header><div class='iconbox_content_container av_inherit_color'  itemprop=\"text\" ><\/div><\/div><footer class=\"entry-footer\"><\/footer><\/article><br \/>\n<section  class='av_textblock_section av-loihsgiy-20aac64deda279f76091eed7cbfe8baf'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><p><span style=\"color: #ffffff;\">The Data Protection compliance field supports you in a court-proof and time-saving manner in the continuous implementation of your data protection management in the company. Both data protection officers and responsible persons benefit from the numerous functions.<\/span><\/p>\n<\/div><\/section><br \/>\n<div  class='avia-button-wrap av-loihswhy-7123185e59bb24481d06f9d8c62b1f0a-wrap avia-button-left  avia-builder-el-112  el_after_av_textblock  avia-builder-el-last'>\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-loihswhy-7123185e59bb24481d06f9d8c62b1f0a\">\n#top #wrap_all .avia-button.av-loihswhy-7123185e59bb24481d06f9d8c62b1f0a{\nbackground-color:#00b3bd;\nborder-color:#00b3bd;\ncolor:#ffffff;\nborder-radius:1px 1px 1px 1px;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all .avia-button.av-loihswhy-7123185e59bb24481d06f9d8c62b1f0a:hover{\nbackground-color:white;\ncolor:#00b3bd;\ntransition:all 0.4s ease-in-out;\n}\n#top #wrap_all.avia-button.av-loihswhy-7123185e59bb24481d06f9d8c62b1f0a:hover .avia_button_background{\nborder-radius:1px 1px 1px 1px;\n}\n#top #wrap_all .avia-button.av-loihswhy-7123185e59bb24481d06f9d8c62b1f0a .avia-svg-icon svg:first-child{\nfill:#ffffff;\nstroke:#ffffff;\n}\n#top #wrap_all .avia-button.av-loihswhy-7123185e59bb24481d06f9d8c62b1f0a:hover .avia-svg-icon svg:first-child{\nfill:#00b3bd;\nstroke:#00b3bd;\n}\n<\/style>\n<a href='https:\/\/www.robin-data.io\/en\/data-protection'  class='avia-button av-loihswhy-7123185e59bb24481d06f9d8c62b1f0a av-link-btn avia-icon_select-no avia-size-large avia-position-left'   aria-label=\"Learn more\"><span class='avia_iconbox_title' >Learn more<\/span><\/a><\/div><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-38irt4-a3265c4a84bbfe7bcd111a53bb63e885\">\n.flex_column.av-38irt4-a3265c4a84bbfe7bcd111a53bb63e885{\nborder-radius:10px 10px 10px 10px;\npadding:50 px 50 px 50 px 50 px;\nbackground-color:#f7f7f7;\n}\n<\/style>\n<div  class='flex_column av-38irt4-a3265c4a84bbfe7bcd111a53bb63e885 av_one_full  avia-builder-el-113  el_after_av_one_full  el_before_av_one_full  first flex_column_div  column-top-margin'     ><p><br \/>\n<div  class='av-social-sharing-box av-ka3jmz4x-5dcebd1f09db7c20daac0063288815c9 av-social-sharing-box-default  avia-builder-el-115  el_after_av_codeblock  avia-builder-el-last  av-social-sharing-box-fullwidth'><div class=\"av-share-box\"><h5 class='av-share-link-description av-no-toc'>Do you like the piece? Feel free to share it.<\/h5><ul class=\"av-share-box-list noLightbox\"><li class='av-share-link av-social-link-facebook avia_social_iconfont' ><a target=\"_blank\" aria-label=\"Share on Facebook\" href='https:\/\/www.facebook.com\/sharer.php?u=https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/technical-organisational-measures-gdpr-compliant-implementation&#038;t=Technisch%20organisatorische%20Ma%C3%9Fnahmen%20%28TOMs%29' data-av_icon='\ue8f3' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share on Facebook'><span class='avia_hidden_link_text'>Share on Facebook<\/span><\/a><\/li><li class='av-share-link av-social-link-twitter avia_social_iconfont' ><a target=\"_blank\" aria-label=\"Share on X\" href='https:\/\/twitter.com\/share?text=Technisch%20organisatorische%20Ma%C3%9Fnahmen%20%28TOMs%29&#038;url=https:\/\/www.robin-data.io\/en\/?p=10068' data-av_icon='\ue932' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share on X'><span class='avia_hidden_link_text'>Share on X<\/span><\/a><\/li><li class='av-share-link av-social-link-linkedin avia_social_iconfont' ><a target=\"_blank\" aria-label=\"Share on LinkedIn\" href='https:\/\/linkedin.com\/shareArticle?mini=true&#038;title=Technisch%20organisatorische%20Ma%C3%9Fnahmen%20%28TOMs%29&#038;url=https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/technical-organisational-measures-gdpr-compliant-implementation' data-av_icon='\ue8fc' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share on LinkedIn'><span class='avia_hidden_link_text'>Share on LinkedIn<\/span><\/a><\/li><li class='av-share-link av-social-link-mail avia_social_iconfont' ><a  aria-label=\"Share by Mail\" href='mailto:?subject=Technisch%20organisatorische%20Ma%C3%9Fnahmen%20%28TOMs%29&#038;body=https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/technical-organisational-measures-gdpr-compliant-implementation' data-av_icon='\ue805' data-av_iconfont='entypo-fontello'  title='' data-avia-related-tooltip='Share by Mail'><span class='avia_hidden_link_text'>Share by Mail<\/span><\/a><\/li><\/ul><\/div><\/div><\/p><\/div>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-228ehv-1ea72c1e17300415ef12cb2b1a9f645d\">\n.flex_column.av-228ehv-1ea72c1e17300415ef12cb2b1a9f645d{\nborder-radius:0px 0px 0px 0px;\npadding:0px 0px 0px 0px;\n}\n<\/style>\n<div  class='flex_column av-228ehv-1ea72c1e17300415ef12cb2b1a9f645d av_one_full  avia-builder-el-116  el_after_av_one_full  avia-builder-el-last  first flex_column_div av-zero-column-padding  column-top-margin'     ><section  class='av_textblock_section av-kaqhth2e-c0ce0e9fc51ca4569850f4a16f47c8e1'   itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><div class='avia_textblock'  itemprop=\"text\" ><h3 style=\"text-align: center;\">This might interest you too:<\/h3>\n<\/div><\/section><br \/>\n\n<style type=\"text\/css\" data-created_by=\"avia_inline_auto\" id=\"style-css-av-kaqhpdsy-c149d804dc26de4da98e9603962fa194\">\n#top .hr.hr-invisible.av-kaqhpdsy-c149d804dc26de4da98e9603962fa194{\nheight:25px;\n}\n<\/style>\n<div  class='hr av-kaqhpdsy-c149d804dc26de4da98e9603962fa194 hr-invisible  avia-builder-el-118  el_after_av_textblock  el_before_av_blog'><span class='hr-inner'><span class=\"hr-inner-style\"><\/span><\/span><\/div><br \/>\n<div  data-slideshow-options=\"{&quot;animation&quot;:&quot;fade&quot;,&quot;autoplay&quot;:false,&quot;loop_autoplay&quot;:&quot;once&quot;,&quot;interval&quot;:5,&quot;loop_manual&quot;:&quot;manual-endless&quot;,&quot;autoplay_stopper&quot;:false,&quot;noNavigation&quot;:false,&quot;show_slide_delay&quot;:90}\" class='avia-content-slider avia-content-grid-active avia-content-slider1 avia-content-slider-odd  avia-builder-el-119  el_after_av_hr  avia-builder-el-last  av-slideshow-ui av-control-default   av-no-slider-navigation av-slideshow-manual av-loop-once av-loop-manual-endless'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Blog\" ><div class=\"avia-content-slider-inner\"><div class=\"slide-entry-wrap\"><article class='slide-entry flex_column  post-entry post-entry-16055 slide-entry-overview slide-loop-1 slide-parity-odd  av_one_third first real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/nis-2-directive' data-rel='slide-1' class='slide-image' title='NIS2: EU directive for more cyber security'><img decoding=\"async\" fetchpriority=\"high\" width=\"495\" height=\"343\" src=\"https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne-495x343.jpg\" class=\"wp-image-14055 avia-img-lazy-loading-not-14055 attachment-portfolio size-portfolio wp-post-image\" alt=\"\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: NIS2: EU directive for more cyber security\"><\/header><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >What does the NIS-2 Directive mean for organisations in Germany? Implementation obligations, sanctions, tips for implementation.<div class=\"read-more-link\"><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/nis-2-directive\" class=\"more-link\">Read more<span class='more-link-arrow avia-svg-icon avia-font-svg_entypo-fontello' data-av_svg_icon='right-open-big' data-av_iconset='svg_entypo-fontello'><svg version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"15\" height=\"32\" viewbox=\"0 0 15 32\" preserveaspectratio=\"xMidYMid meet\" role=\"graphics-symbol\" aria-hidden=\"true\">\n<path d=\"M0.416 27.84l11.456-11.84-11.456-11.904q-0.832-0.832 0-1.536 0.832-0.832 1.536 0l12.544 12.608q0.768 0.832 0 1.6l-12.544 12.608q-0.704 0.832-1.536 0-0.832-0.704 0-1.536z\"><\/path>\n<\/svg><\/span><\/a><\/div><\/div><\/div><footer class=\"entry-footer\"><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-11-13T17:46:49+01:00\" >13 November 2025<\/time><div class=\"slide-meta-del\">\/<\/div><div class=\"slide-meta-comments\"><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/news\/nis-2-directive#respond'>0 Comments<\/a><\/div><\/div><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/05\/23150310\/Datenschutzpanne.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>343<\/span>\n\t\t\t\t\t\t<span itemprop='width'>685<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>Caroline Schwabe<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/07\/05140916\/Robin-Data_ComplianceOS_white_logo.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>Caroline Schwabe<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2021-05-20T15:24:27+02:00\" >2025-11-13 17:46:49<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-12-03 14:21:10<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>NIS2: EU directive for more cyber security<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-17156 slide-entry-overview slide-loop-2 slide-parity-even  av_one_third  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/datenschutz-management-system-dsgvo-dsms' data-rel='slide-1' class='slide-image' title='DSMS according to GDPR: Structure &amp; practical implementation'><img decoding=\"async\" fetchpriority=\"high\" width=\"495\" height=\"341\" src=\"https:\/\/media.robin-data.io\/2022\/05\/23150650\/Zusammenarbeit-1-495x341.jpg\" class=\"wp-image-14089 avia-img-lazy-loading-not-14089 attachment-portfolio size-portfolio wp-post-image\" alt=\"\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: DSMS according to GDPR: Structure &amp; practical implementation\"><\/header><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >Learn all about templates, structure and implementation of a GDPR-compliant data protection management system (DMS).<div class=\"read-more-link\"><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/datenschutz-management-system-dsgvo-dsms\" class=\"more-link\">Read more<span class='more-link-arrow avia-svg-icon avia-font-svg_entypo-fontello' data-av_svg_icon='right-open-big' data-av_iconset='svg_entypo-fontello'><svg version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"15\" height=\"32\" viewbox=\"0 0 15 32\" preserveaspectratio=\"xMidYMid meet\" role=\"graphics-symbol\" aria-hidden=\"true\">\n<path d=\"M0.416 27.84l11.456-11.84-11.456-11.904q-0.832-0.832 0-1.536 0.832-0.832 1.536 0l12.544 12.608q0.768 0.832 0 1.6l-12.544 12.608q-0.704 0.832-1.536 0-0.832-0.704 0-1.536z\"><\/path>\n<\/svg><\/span><\/a><\/div><\/div><\/div><footer class=\"entry-footer\"><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-04-23T09:41:39+02:00\" >23 April 2025<\/time><div class=\"slide-meta-del\">\/<\/div><div class=\"slide-meta-comments\"><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/datenschutz-management-system-dsgvo-dsms#respond'>0 Comments<\/a><\/div><\/div><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/05\/23150650\/Zusammenarbeit-1.jpg<\/span>\n\t\t\t\t\t\t<span itemprop='height'>341<\/span>\n\t\t\t\t\t\t<span itemprop='width'>685<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>Caroline Schwabe<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/07\/05140916\/Robin-Data_ComplianceOS_white_logo.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>Caroline Schwabe<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2021-05-20T15:24:27+02:00\" >2025-04-23 09:41:39<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-04-23 09:44:29<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>DSMS according to GDPR: Structure &amp; practical implementation<\/span><\/span><\/span><\/article><article class='slide-entry flex_column  post-entry post-entry-17123 slide-entry-overview slide-loop-3 slide-parity-odd  post-entry-last  av_one_third  real-thumbnail posttype-post post-format-standard'  itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/BlogPosting\" itemprop=\"blogPost\" ><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/ki-und-datenschutz-praxisleitfaden' data-rel='slide-1' class='slide-image' title='AI and data protection in practice'><img decoding=\"async\" fetchpriority=\"high\" width=\"495\" height=\"343\" src=\"https:\/\/media.robin-data.io\/2025\/01\/27132208\/kuenstliche-intelligenz-ai-495x343.png\" class=\"wp-image-16986 avia-img-lazy-loading-not-16986 attachment-portfolio size-portfolio wp-post-image\" alt=\"artificial intelligence\" \/><\/a><div class=\"slide-content\"><header class=\"entry-content-header\" aria-label=\"Slide: AI and data protection in practice\"><\/header><div class='slide-entry-excerpt entry-content'  itemprop=\"text\" >Find out how artificial intelligence can be used in compliance with the GDPR. A practical guide.<div class=\"read-more-link\"><a href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/ki-und-datenschutz-praxisleitfaden\" class=\"more-link\">Read more<span class='more-link-arrow avia-svg-icon avia-font-svg_entypo-fontello' data-av_svg_icon='right-open-big' data-av_iconset='svg_entypo-fontello'><svg version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"15\" height=\"32\" viewbox=\"0 0 15 32\" preserveaspectratio=\"xMidYMid meet\" role=\"graphics-symbol\" aria-hidden=\"true\">\n<path d=\"M0.416 27.84l11.456-11.84-11.456-11.904q-0.832-0.832 0-1.536 0.832-0.832 1.536 0l12.544 12.608q0.768 0.832 0 1.6l-12.544 12.608q-0.704 0.832-1.536 0-0.832-0.704 0-1.536z\"><\/path>\n<\/svg><\/span><\/a><\/div><\/div><\/div><footer class=\"entry-footer\"><div class=\"slide-meta\"><time class='slide-meta-time updated'  itemprop=\"datePublished\" datetime=\"2025-04-07T13:24:22+02:00\" >7 April 2025<\/time><div class=\"slide-meta-del\">\/<\/div><div class=\"slide-meta-comments\"><a href='https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/ki-und-datenschutz-praxisleitfaden#comments'>4 Comments<\/a><\/div><\/div><\/footer><span class='hidden'>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"image\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/ImageObject\" >\n\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2025\/01\/27132208\/kuenstliche-intelligenz-ai.png<\/span>\n\t\t\t\t\t\t<span itemprop='height'>343<\/span>\n\t\t\t\t\t\t<span itemprop='width'>685<\/span>\n\t\t\t\t<\/span>\n\t\t\t\t<span class='av-structured-data'  itemprop=\"publisher\" itemtype=\"https:\/\/schema.org\/Organization\" itemscope=\"itemscope\" >\n\t\t\t\t\t\t<span itemprop='name'>Caroline Schwabe<\/span>\n\t\t\t\t\t\t<span itemprop='logo' itemscope itemtype='https:\/\/schema.org\/ImageObject'>\n\t\t\t\t\t\t\t<span itemprop='url'>https:\/\/media.robin-data.io\/2022\/07\/05140916\/Robin-Data_ComplianceOS_white_logo.png<\/span>\n\t\t\t\t\t\t<\/span>\n\t\t\t\t<\/span><span class='av-structured-data'  itemprop=\"author\" itemscope=\"itemscope\" itemtype=\"https:\/\/schema.org\/Person\" ><span itemprop='name'>Caroline Schwabe<\/span><\/span><span class='av-structured-data'  itemprop=\"datePublished\" datetime=\"2021-05-20T15:24:27+02:00\" >2025-04-07 13:24:22<\/span><span class='av-structured-data'  itemprop=\"dateModified\" itemtype=\"https:\/\/schema.org\/dateModified\" >2025-04-07 13:46:33<\/span><span class='av-structured-data'  itemprop=\"mainEntityOfPage\" itemtype=\"https:\/\/schema.org\/mainEntityOfPage\" ><span itemprop='name'>AI and data protection in practice<\/span><\/span><\/span><\/article><\/div><\/div><\/div><\/p><\/div>","protected":false},"excerpt":{"rendered":"<p>All information on the technical organisational measures according to the GDPR. What do responsible parties have to observe during implementation and documentation?<\/p>","protected":false},"author":3,"featured_media":14054,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[71],"tags":[123,37,183,120],"class_list":["post-10068","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-wiki","tag-aufgaben","tag-datenschutz","tag-dsms","tag-it-sicherheit"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.8 (Yoast SEO v26.8) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Technisch Organisatorische Ma\u00dfnahmen DSGVO-konform | Wiki<\/title>\n<meta name=\"description\" content=\"Grundlagen, Checkliste und Beispiele zur datenschutzkonformer Umsetzung von Technisch Organisatorischen Ma\u00dfnahmen im Unternehmen.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/technical-organisational-measures-gdpr-compliant-implementation\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Technisch organisatorische Ma\u00dfnahmen (TOMs)\" \/>\n<meta property=\"og:description\" content=\"Grundlagen, Checkliste und Beispiele zur datenschutzkonformer Umsetzung von Technisch Organisatorischen Ma\u00dfnahmen im Unternehmen.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/technical-organisational-measures-gdpr-compliant-implementation\" \/>\n<meta property=\"og:site_name\" content=\"Robin Data GmbH\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/robindatade\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-05-20T13:24:27+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-08-13T11:46:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"685\" \/>\n\t<meta property=\"og:image:height\" content=\"343\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Caroline Schwabe\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@RobinData_DE\" \/>\n<meta name=\"twitter:site\" content=\"@RobinData_DE\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Caroline Schwabe\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"17 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen\"},\"author\":{\"name\":\"Caroline Schwabe\",\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5\"},\"headline\":\"Technisch organisatorische Ma\u00dfnahmen (TOMs)\",\"datePublished\":\"2021-05-20T13:24:27+00:00\",\"dateModified\":\"2025-08-13T11:46:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen\"},\"wordCount\":12056,\"commentCount\":0,\"image\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#primaryimage\"},\"thumbnailUrl\":\"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg\",\"keywords\":[\"Aufgaben\",\"Datenschutz\",\"DSMS\",\"IT-Sicherheit\"],\"articleSection\":[\"Wiki\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#respond\"]}]},{\"@type\":[\"WebPage\",\"ItemPage\"],\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen\",\"url\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen\",\"name\":\"Technisch Organisatorische Ma\u00dfnahmen DSGVO-konform | Wiki\",\"isPartOf\":{\"@id\":\"https:\/\/www.robin-data.io\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#primaryimage\"},\"thumbnailUrl\":\"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg\",\"datePublished\":\"2021-05-20T13:24:27+00:00\",\"dateModified\":\"2025-08-13T11:46:54+00:00\",\"author\":{\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5\"},\"description\":\"Grundlagen, Checkliste und Beispiele zur datenschutzkonformer Umsetzung von Technisch Organisatorischen Ma\u00dfnahmen im Unternehmen.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#primaryimage\",\"url\":\"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg\",\"contentUrl\":\"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg\",\"width\":685,\"height\":343},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\/\/www.robin-data.io\/startseite\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Technisch organisatorische Ma\u00dfnahmen (TOMs)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.robin-data.io\/#website\",\"url\":\"https:\/\/www.robin-data.io\/\",\"name\":\"Robin Data GmbH\",\"description\":\"Robin Data ComplianceOS\u00ae Das Compliance Operating System\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.robin-data.io\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5\",\"name\":\"Caroline Schwabe\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.robin-data.io\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g\",\"caption\":\"Caroline Schwabe\"},\"description\":\"Frau Schwabe ist Informationsdesignerin und Datenschutzbeauftragte. Der Schwerpunkt ihrer Arbeit liegt darin, Kunden und Interessenten mit Beitr\u00e4gen in der Robin Data Datenschutz-Akademie weiterzuhelfen.\",\"url\":\"https:\/\/www.robin-data.io\/en\/author\/csc\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Technical organisational measures GDPR-compliant | Wiki","description":"Basics, checklist and examples of data protection-compliant implementation of technical organisational measures in the company.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/technical-organisational-measures-gdpr-compliant-implementation","og_locale":"en_GB","og_type":"article","og_title":"Technisch organisatorische Ma\u00dfnahmen (TOMs)","og_description":"Grundlagen, Checkliste und Beispiele zur datenschutzkonformer Umsetzung von Technisch Organisatorischen Ma\u00dfnahmen im Unternehmen.","og_url":"https:\/\/www.robin-data.io\/en\/data-protection-and-data-security-academy\/wiki\/technical-organisational-measures-gdpr-compliant-implementation","og_site_name":"Robin Data GmbH","article_publisher":"https:\/\/www.facebook.com\/robindatade\/","article_published_time":"2021-05-20T13:24:27+00:00","article_modified_time":"2025-08-13T11:46:54+00:00","og_image":[{"width":685,"height":343,"url":"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg","type":"image\/jpeg"}],"author":"Caroline Schwabe","twitter_card":"summary_large_image","twitter_creator":"@RobinData_DE","twitter_site":"@RobinData_DE","twitter_misc":{"Written by":"Caroline Schwabe","Estimated reading time":"17 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":["Article","BlogPosting"],"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#article","isPartOf":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen"},"author":{"name":"Caroline Schwabe","@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5"},"headline":"Technisch organisatorische Ma\u00dfnahmen (TOMs)","datePublished":"2021-05-20T13:24:27+00:00","dateModified":"2025-08-13T11:46:54+00:00","mainEntityOfPage":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen"},"wordCount":12056,"commentCount":0,"image":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#primaryimage"},"thumbnailUrl":"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg","keywords":["Aufgaben","Datenschutz","DSMS","IT-Sicherheit"],"articleSection":["Wiki"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#respond"]}]},{"@type":["WebPage","ItemPage"],"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen","url":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen","name":"Technical organisational measures GDPR-compliant | Wiki","isPartOf":{"@id":"https:\/\/www.robin-data.io\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#primaryimage"},"image":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#primaryimage"},"thumbnailUrl":"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg","datePublished":"2021-05-20T13:24:27+00:00","dateModified":"2025-08-13T11:46:54+00:00","author":{"@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5"},"description":"Basics, checklist and examples of data protection-compliant implementation of technical organisational measures in the company.","breadcrumb":{"@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#primaryimage","url":"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg","contentUrl":"https:\/\/media.robin-data.io\/2022\/05\/23150309\/Datenschutzbeauftragter.jpg","width":685,"height":343},{"@type":"BreadcrumbList","@id":"https:\/\/www.robin-data.io\/datenschutz-akademie\/wiki\/technisch-organisatorische-massnahmen-dsgvo-konform-umsetzen#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/www.robin-data.io\/startseite"},{"@type":"ListItem","position":2,"name":"Technisch organisatorische Ma\u00dfnahmen (TOMs)"}]},{"@type":"WebSite","@id":"https:\/\/www.robin-data.io\/#website","url":"https:\/\/www.robin-data.io\/","name":"Robin Data GmbH","description":"Robin Data ComplianceOS\u00ae The Compliance Operating System","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.robin-data.io\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Person","@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/83e2bd965d3e87f50c5da3c0b541dfe5","name":"Caroline Schwabe","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.robin-data.io\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4afcd09464d8c4418a7e62c3fdd2103c84addcb37103428b60586d9b32b79b3f?s=96&d=mm&r=g","caption":"Caroline Schwabe"},"description":"Ms. Schwabe is an information designer and Data Protection Officer. The focus of her work is to help customers and interested parties with contributions to the Robin Data Privacy Academy.","url":"https:\/\/www.robin-data.io\/en\/author\/csc"}]}},"_links":{"self":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts\/10068","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/comments?post=10068"}],"version-history":[{"count":80,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts\/10068\/revisions"}],"predecessor-version":[{"id":11443,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/posts\/10068\/revisions\/11443"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/media\/14054"}],"wp:attachment":[{"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/media?parent=10068"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/categories?post=10068"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.robin-data.io\/en\/wp-json\/wp\/v2\/tags?post=10068"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}