What I can do for you:
GDPR compliance means nothing other than clarifying together whether your processes are GDPR compliant: from creating a data protection and IT security concept to checking whether your IT, your homepage, etc. are also compliant and, if necessary, improving them.
External data protection officer
My approach as an external data protection officer and data protection expert is always very pragmatic – without forgetting that ultimately it is about ensuring security. One thing is important: there is NO hourly limit per month as part of the collaboration. So you know that you can always ask all your questions without the costs getting out of hand.
External data protection officer / EU representative
Do you have a company outside the EU and need an EU representative as an external data protection officer? I offer this service worldwide. From the USA to New Zealand to the UK.
Data protection audits
Even if you do not need an external DPO, it makes sense to have your data protection analyzed in an audit and to find out whether and where there is a need for improvement and where you might run into a possible fine. I plan the audits, carry them out and follow up with a report.
Do you want to have your app included in the DiGA directory? Then a lot of things have to be considered: from implementing the data protection requirements to determining the protection requirements to meeting the requirements for IT security. So that you can prove all of this, we will implement the requirements together.
DiGA compliance audits
Becoming DiGA-compliant is one thing – staying that way is another. Keep your data protection processes running and have the certainty that everything is still compliant. And “by the way”, you will recognize valuable potential for improvement for your processes and thus for your company. We will plan the annual audit together; I will carry it out and create an audit report.
ISO 27001 advice
Certification is a great thing if you want to be sure that everything is going well. Perhaps you also want to join the DiGA program; in that case you (probably) have to be certified from 2022. By the way: for potential customers and interested parties, too, a certificate is always a further form of assurance with regard to data and information security in your company.
External ISMS Security Officer (Professional) according to ISO / IEC 27001
An information security officer (ISB) is responsible for all questions relating to information security in your company. This includes, for example, the control of the security process, the coordination and evaluation of the security concept, the planning of security measures, etc.
As a certified ISB, I work with you on exactly these topics and much more.
Every information security system is only as good as the way it is lived and continuously improved. This is exactly what is evaluated in annual audits – regardless of whether you have implemented ISO 27001 or not. The focus is always on whether and how the ISMS can be implemented and improved. And if you have introduced ISO 27001 or intend to do so, then the audits serve as proof of this very requirement.
Further education & training
I offer various further education and training courses via my learning portal: from specialist knowledge for data protection officers to the “mentor program for DPOs” to training courses on ISO 27001 or on carrying out audits according to ISO 19011. Best of all: just learn whenever and wherever you want, completely online and whenever you have time.