German Federal Office for Information Security Issues Final Framework Paper on Information Security for Cloud Computing
Time 1 Minute Read
Categories: European Union, Information Security, International

On May 10, 2011, the German Federal Office for Information Security, (the Bundesamt für Sicherheit in der Informationstechnik or “BSI”) released the final framework paper on information security issues related to cloud computing.  The paper describes the minimum requirements for information security for cloud computing services.  As we previously reported, in September 2010, the BSI had presented the draft framework paper which received positive reviews and constructive comments from cloud computing providers, users, associations and other stakeholders.  The comments and contributions have been incorporated in the final framework paper.  According to the BSI, the paper provides “Best Practices” and serves as a basis for the discussion between cloud computing service providers and cloud users.  Based on the paper, concrete recommendations for companies or public authorities may be developed, including at the international level.

Tags: Cloud Computing, Germany
Print Email Twitter/X Linkedin Facebook

You May Also Be Interested In

Time 3 Minute Read
UK ICO Sets Out Proposals to Promote Sustainable Economic Growth

On January 24, 2025, the UK Information Commissioner’s Office published a letter setting out proposals to boost business confidence, improve the investment climate, and foster sustainable economic growth in the UK.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 1 Minute Read
EDPB Launches Coordinated Enforcement Framework on Right of Access

On February 28, 2024, the European Data Protection Board (“EDPB”) announced the launch of its latest Coordinated Enforcement Framework action on the right of access. Through the course of 2024, 31 data protection authorities across the European Economic Area, including seven German state-level authorities, will take part in this initiative on the implementation of the right of access. The EDPB selected the right access for its third coordinated enforcement action as it is “at the heart of data protection,” is a right that is very frequently exercised by individuals, and one that is often the basis of complaints to authorities.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
CJEU Rules that GDPR Prohibition on Automated Decision-Making Applies to Credit Scoring

On December 7, 2023, the Court of Justice of the European Union (“CJEU”) ruled that credit scoring constitutes automated decision-making, which is prohibited under Article 22 of the EU General Data Protection Regulation (“GDPR”) unless certain conditions are met. In a case stemming from consumer complaints against German credit bureau SCHUFA, the CJEU found that the company’s reliance on fully automated processes to calculate creditworthiness and extend credit constitutes automated decision-making which produces a legal or similarly significant effect within the meaning of Article 22 of the GDPR.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 3 Minute Read
UK Cyber Laws Extended to Bring Outsourcers and Managed Service Providers into Scope to Strengthen UK’s Resilience Against Online Cyber Attacks

On November 30, 2022, the UK government confirmed that the Network and Information Systems (“NIS”) Regulations 2018 (“NIS Regulations”) will be strengthened to protect essential and digital services against cyber attacks. The changes bring providers of outsourced IT and managed service providers (“MSPs”) into scope of the NIS Regulations. The announcement comes in response to a public consultation held in January this year.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page