Link between the DS/IS staff unit and the organisational units: regular exchange/close cooperation with the staff unit and, in the future, also with other DISKs of the university.
Advisory activity: Persons to contact for employees of the respective unit on questions regarding existing legal and internal regulations and requirements of Data protection and information security: e.g. for research projects, Master's theses, in the context of which research projects (e.g. interviews...) take place.
Support in the fulfilment of these requirements: e.g. in the preparation of data protection declarations, consents, registers of processing activities (VVT's)
The responsibility for the content lies with the project managers, but I support them in case of questions. After completion, I also ensure that the VVTs are centrally filed. They serve as proof of compliance with the GDPR when inspected by the supervisory authority.
Support in the notification of data breaches/information security incidents and the processing of claims for information (e.g. coordination/assistance in filling out/process of notification).
Advice/ recommendations onprotective measures for the processing and storage/ archiving of personal/ pseudonymised data.
Further tasks of the DISK
Distributing/circulating information material from the Data Protection and Information Security Unit, information on new and existing regulations.
Supporting the management of the organisational unit or the persons in charge in preparing the necessary documentation when introducing new procedures (e.g.: Determining the need for protection, informing about the use of AV contracts, supporting the introduction of new IT procedures).