Common use of Authorization Control Clause in Contracts

Authorization Control. The aim of access control is to ensure that only those authorized to use a data processing system can access exclusively the pD subject to their task-related access authorization and that pD cannot be read, copied, modified or removed without authorization during processing, use and after storage. The implementation of the following measures supports this requirement. ☒ All employees who handle pD are separately bound to secrecy (e.g. by contract, declaration of commitment) or by law. ☒ Implementing a sufficiently differentiated role and authorization model ☒ Use of user IDs. ☒ Identification and authentication of users. ☒ Automatic verification of authorizations. ☒ Logging of access to specific files. ☒ Use of encryption methods. ☒ Separation of test and production operations.