Emails in the age of the GDPR - legally compliant in the company
Forum on digitalization law and Industry 4.0
In the age of the GDPR, emails must now be encrypted. Particular problems arise in groups of companies and corporate groups when IT systems are centralized. In this event, we will present the legal and technical framework and point out solutions.
In the age of the GDPR, emails must be encrypted according to the new concept. Accidentally sending an email to the wrong addressee can trigger an obligation to report to the data protection supervisory authority within 72 hours. Clicking on a link in an incoming phishing email can paralyze the company and lead to fines. At the same time, although encryption technologies have been available for years, none is uniformly available to both the sender and the recipient.
According to the GDPR, a deletion concept must also be provided. The long-term storage of emails in a "big long" inbox is therefore not permitted.
In a group of companies or corporate group, the integration of emails poses particular difficulties, as data is exchanged between different legal entities. Are a shared email server and a shared IT infrastructure (e.g. for virus scans) therefore permitted at all? To what extent may - or must - spam and phishing emails be filtered?
The forum will address these and other issues and present legal and technical solutions relating to the topic of "email and communication".
Speaker
Julian Kaletta
Managing Director Julkair GmbH, Stuttgart
IT system house
In 2018, Julkair GmbH was awarded the partner status of the Alliance for Cyber Security by the Federal Office for Information Security (BSI) for its commitment to IT security.
An excerpt from the topics
Email encryption as a duty?
Requirements of the GDPR, the data protection supervisory authorities and the BSI
Why should telephone, fax and video conferencing be assessed differently?
Difference between an in-house email server and an external provider
Technical background
Overview of the email system
Transport encryption (TLS), content encryption (e.g. PGP, GPG, S/MIME)
Email in the group of companies / within the group
Is one email server permitted for all group companies?
Problems with central spam and security checks
Special features for doctors, hospitals and tax consultants
Solutions for the practice
Email archiving and deletion obligations
Endless storage of emails in the email folder
Dealing with deletion requests
Is an email signature required?
Outlook on the ePrivacy Regulation
How to get there
Tübinger Straße 26, 70178 Stuttgart (directions as PDF)
Arrival by car: Gerberviertel parking garage, separate office entrance opposite parking lot no. 131 (level P1) / no. 176 (level P2) / no. 221 (level P3).
Arrival on foot: Please use the Tübinger Straße office entrance.
Further information
You can find the special data protection information here.