Data protection is becoming increasingly important. Anyone who works at Fachhochschule Dortmund must be familiar with it: That's why there's a new "Data Protection Guideline". Here are the answers to the most important questions.
Knowing what to observe in which situations is not always self-explanatory when it comes to data protection. That's why the Rectorate, together with the Data Protection Officers Katrin Zeigerer and Stephanie Wiegand, has formulated the central requirements and measures for Fachhochschule Dortmund in the data protection guideline. Here, the data protection officers answer five questions about the new guideline.
1. what and whose data are we talking about?
We are talking about all information that says something about specific living persons. In legal terms, we call this "personal data". This includes, for example, the things that appear in a passport - name, address, date of birth and so on - but also everything else such as email address, IP address, health data, religious and sexual orientation, ethnic origin and much more. This applies to all persons we deal with as UAS employees, be they students, employees or external persons.
2. why must personal data be protected?
Because we can only behave and develop freely if we decide for ourselves when and to whom we disclose our data - and which data. In other words, if we did not have this right, we would always have to expect to be monitored. We would always have to be guided by it and would no longer be able to develop freely. This freedom is also the basis of our democracy.
What's more, digitalization is constantly evolving, which means that the opportunities to store and misuse personal data without the knowledge of those affected are increasing significantly. This is why the issue of data protection is becoming increasingly important.
It is not without reason that the protection of personal data is enshrined as the fundamental right to informal self-determination in the German Basic Law and the EU Charter of Fundamental Rights, as well as in many individual laws.
3. what's in it for me?
Much better protection against the many, very specific dangers of our time. Here are a few examples:
- Protection against discrimination. If, for example, when looking for an apartment, applying for a job or taking out a loan, the other person knows more about you than you would like, you cannot be sure that you are really being treated fairly.
- Protection against theft. Best example: Anyone who knows your credit card details or has your online banking access could help themselves.
- Protection against identity theft. Someone could pretend to be you and do all sorts of things.
- Protection against manipulation. The possibilities of exerting influence for advertising purposes or political motives are becoming more effective and at the same time more subtle, especially in social networks. The more data is circulating about us, the greater the risk of being manipulated without realizing it.
4. what role does the rectorate play in this?
The rectorate must ensure that employees at the university, for example, comply with data protection regulations. To do this, it must define the guidelines, organize data protection, inform all university members about it and train them. This is all described in the data protection guideline.
5. what do I have to do specifically?
If you work at Fachhochschule Dortmund, it is part of your job to know and comply with the regulations. This includes the European General Data Protection Regulation, the national laws and the university's internal regulations - for example the data protection guideline.
In addition, it is your duty to take data protection into account in all work processes and professional decisions. For new projects, data protection must be considered from the outset.
You are also expected to report data protection violations immediately to the data protection officer or the university IT department, even if it is only a suspicion. The quicker this is done, the greater the chance of reducing the risk for those affected.
If you work with data, you must document this in a processing directory. This varies from workplace to workplace. Further information can be found on the intranet page of the data protection officer .