Data protection management

The principle of accountability (Art. 5 (2) GDPR) obliges you to establish a functioning data protection management system (DMS) in your company. On the one hand, this consists of a document pyramid, starting with a code of conduct, a data protection management manual, guidelines and work instructions and many accompanying documents. On the other hand, the requirements of the GDPR and the self-imposed obligations must also be lived. So you need to define processes to guide your employees on what all needs to be done in data protection. But that alone is still not enough. Through regular controls, they must ensure that the entire company actually adheres to the processes and specifications. In addition, you must define technical-organisational measures and monitor their functionality at regular intervals. Therefore, a functioning networking of your DSMS with the routines of your IT security is essential.

At THALES, we have more than ten years of proven experience in building DSMSs across a wide range of industries. We support you in the design and implementation of your DSMS. If you wish, we can also take over the entire project management. The implementation can take place on your systems. But we also support you with web-based tools and other tools. For large companies with extensive data processing, the purchase of a combined documentation and ticket system is recommended to ensure audit-proof purchases. For smaller and medium-sized companies, web-based tools can be a helpful support.

If you have any questions about setting up a DSMS, please contact us at: