Technical and organizational measures

What is meant by Technical and organizational measures?

The term "Technical and Organizational Measures (TOM)" refers to the precautions that a company takes to ensure the protection of personal data in accordance with the requirements of the General Data Protection Regulation (GDPR). These measures include both technical safeguards, such as encryption and access controls, and organizational measures, such as data protection training and policies. The goal of TOM is to ensure the confidentiality, integrity, and availability of data and to minimize the risk of data breaches.

Typical software functions in the area of "Technical and Organizational Measures (TOM)":

  1. Access Management: Management of user access rights to ensure that only authorized individuals have access to sensitive data.
  2. Encryption: Implementation of encryption technologies to protect data during transmission and storage.
  3. Audit Trails: Logging of data access and modifications to ensure traceability and accountability.
  4. Security Policy Management: Creation, distribution, and monitoring of policies that ensure secure data handling.
  5. Data Backups: Regular creation and management of backups to enable data recovery in case of data loss.
  6. Risk Management: Identification, assessment, and management of risks associated with data processing.

Examples of "Technical and Organizational Measures (TOM)":

  1. Email Encryption: Use of encryption technologies to ensure the confidentiality of email communication.
  2. Password Management: Implementation of strict policies for creating and managing passwords, including two-factor authentication.
  3. Security Audits: Regular security audits and penetration tests to identify and address vulnerabilities in IT systems.
  4. Physical Access Control Systems: Use of physical access controls, such as key cards or biometric systems, to restrict access to data centers.
  5. Data Protection Training: Conducting training sessions for employees to raise awareness of data protection and security.
  6. Incident Response Plans: Development and implementation of emergency plans for rapid response to data breaches.

 

The function / module Technical and organizational measures belongs to:

Data protection

Software solutions with function or module Technical and organizational measures:

BIC GRC Solutions
caralegal
Compliance Aspekte
DHC VISION
myPARM - Multi-project management software
otris privacy
QSEC - GRC/ISMS, ISO 27001/BSI standard- IT protection, B3S and data protection
SECURITY ASSISTANT (MR.KNOW)