Common use of System Access Controls Clause in Contracts

System Access Controls. In order to access personal data, a documented, role-based authorisation concept must be in place that restricts access to the data so that only authorised persons can access the personal data necessary for their task (minimum principle). The password regulations from access control must also be implemented as part of access control. Administrative activities must be restricted to a small group of administrators. The activities of the administrators must be monitored and logged within the framework of technically justifiable expenditure.

System Access Controls. In order to access personal data, a documented, role-based authorisation concept must be in place that restricts access to the data so that only authorised persons can access the personal data necessary neces- sary for their task (minimum principle). The password regulations from access control must also be implemented as part of access control. Administrative activities must be restricted to a small group of administrators. The activities of the administrators must be monitored and logged within the framework of technically justifiable expenditure.