VDG and Uniscon are the first cloud providers to be certified according to the Trusted Cloud Data Protection Profile (TCDP). The new test standard for data protection certification was developed within the framework of the Trusted Cloud Program of the Federal Ministry for Economic Affairs and Energy (BMWi).
VDG (Versicherungswirtschaftlicher Datendienst GmbH) and Uniscon are the first companies to be certified according to the Trusted Cloud Data Protection Profile (TCDP) . The new test standard for data protection certification was developed as part of the “Trusted Cloud” program launched in 2011 by the Federal Ministry for Economic Affairs and Energy (BMWi). The certificates issued by TÜV Informationstechnik (TÜViT), one of the leading providers of IT security services, were presented to the two companies at this year’s CeBIT by Matthias Machnig, Parliamentary State Secretary of the BMWi. He also officially launched the Trusted Cloud Platform on March 17th.
The ” VDG Authentication Portal ” services of VDG and ” Idgard”From Uniscon received a two-year valid certificate that verifies data protection compliance according to TCDP. With TCDP certification, organizations can easily see if the cloud services they use meet the legal privacy guidelines. Current legislation requires companies to check their own cloud service providers for privacy compliance, such as when they participate in tenders. Since this is usually too costly especially for medium-sized companies, the TCDP certification of cloud services represents a considerable relief for the user companies. It automatically creates legal certainty and thus makes own audits superfluous.
“Certificates according to the Trusted Cloud data protection profile are a considerable relief not only for medium-sized companies,” says TÜViT CEO Dirk Kretzschmar. “When selecting a cloud provider, thanks to the certificate, it is now immediately apparent which provider a company is on the safe side under data protection law.”
The foundations for the Trusted Cloud Data Protection Profile (TCDP) for cloud services have been developed by data protection experts on behalf of the BMWi within two years. The TCDP follows the data protection certification according to the Federal Data Protection Act. It maps the legal requirements for order data processing in a test standard.
The TCDP is currently under development in a pilot project called ” Cloud Services Data Protection Certification .” The responsible consortium has been working since September 2015 on behalf of the BMWi and under the supervision of TÜViT. Participating in the consortium are all relevant players in the field of data protection certification, in particular data protection supervisory authorities, providers of cloud services of various sizes, providers of testing and certification services as well as associations and institutions of IT and data protection.
The newly launched Trusted Cloud platform is the result of the “Trusted Cloud” technology program, which the BMWi implemented between 2010 and 2015 to develop and test innovative, secure and legally compliant cloud computing solutions, which primarily benefit SMEs. According to BMWi, the provider of the platform, the non-profit association “Competence Network Trusted Cloud (KN TC)” stands for supplier independence. An external auditor reviews the requirements and an independent supervisory body controls this. The providers secure the information provided by them legally binding. The BMWi supports the construction and launch of the platform, after which the KN TC carries the portal independently.