Data Protection Law of the Catholic Church (KDG)

In the field of data protection law, the Catholic Church has given orders about the church data protection (KDG).We function as external data protection commissioner for enterprises and organizations being subordinated to an agency of the Catholic Church, such as administration, hospitals, academies, supporting work, and child and youth welfare services.

The following services are therefore offered In particular:

  • Implementation of a critical points analysis on data protection with a report being sent to the management
  • Creation of a data protection organization
  • Preparation of a data protection guideline and a data protection concept for church enterprises and organizations
  • Preparation of all documents necessary in the field of data protection
  • Implementation of a procedure for information request
  • Preparation of a training concept and accomplishment of data protection trainings according to the KDG
  • Hotline for all questions concerning the Catholic data privacy law
  • Inspection and realization of the demands from an order processing according to § 29 KDG
  • Inspection of the requirements of the technical-organizational data protection according to § 26 KDG
  • Realization of the requirements for data protection on the intranet and the internet presence
  • Fulfilment of the conditions of data protection in the field of advertising and public relations
  • Realization of the requirements on data protection in the personnel department
  • Consultation on the realization of data protection in the employee representation
  • Preparation and implementation of data protection audits
  • Preparation of the necessary corporate guidelines on both IT and TK usage, video surveillance, access control, and time recording
  • Data protection compliant realization of paper and data medium destruction
  • Realization of data protection at multifunctional devices, copiers and fax machines
  • Support with the realization of encryption processes for hardware, e-mails and remote data hits via virtual private network
  • Preparation of a guide for the development of a deleting concept
  • Ongoing care as part of external data protection officer