TCDP certification for Open Telekom Cloud and DSI vCloud

Nov 9, 2017

By gaining TCDP certification, both Open Telekom Cloud and DSI vCloud are certifiably meeting the requirements of the German Federal Data Protection Act (BDSG).
f.l.t.r.: Frank Barenscheer, Global Account Manager and Dr. Gerhard Nagel, Director Management System Certification from DEKRA, Ralf Poggemann for DSI vCloud and Daniel Hermes for Open Telekom, Silke Lindig, Corporate Operating Office
T-Systems’ cloud computing services – Open Telekom Cloud and DSI vCloud – both gained TCDP certification (Trusted Cloud Datenprofil) by DEKRA. By awarding this certification, the independent German auditing body confirms that T-Systems’ Iaas cloud services meet the data protection requirements for cloud computing stipulated by the German Federal Data Protection Act. The TCDP certification complements existing certifications in regard to data protection and security, according to ISO 27017 and ISO 27018.
During the Cloud Expert Summit 2017, DEKRA representatives Dr. Gerhard Nagel and Frank Barenscheer presented T-Systems with both certificates and emphasized the importance of the TCDP certification and the strict requirements, which providers of Trusted Cloud Services have to meet. “T-Systems is the first company in Germany, which meets the TCDP 1.0 standard and consequently offers the respective necessary data security for users with their cloud computing services DSI vCloud and Open Telekom Cloud”, says Dr. Nagel.

Trusted Cloud-Datenschutzprofil (Trusted Cloud Data Protection Profile)

The TCDP is a testing standard for the certification of cloud service data protection. Providers of IT services can use it to verify that their IT services are meeting all requirements stipulated by German data protection laws. Users of these IT services can trust that all the necessary data protection standards are met and save the time and effort of conducting the test mandated by section 11 paragraph 2 of the BDSG. A TCDP certification pertains to the areas of collecting, processing and utilizing personal data on behalf of a customer or client (contract data processing).

General Data Protection Regulation and European data protection certification

The TCDP is part of the push to establish a legally binding data protection certification: the European Union’s General Data Protection Regulation (GDPR) standardizes the rules for the processing of personal data inside the European Union. This serves to ensure the EU-wide protection of personal data, as well as facilitating the free flow of data in the European Single Market. The General Data Protection Regulation will come into effect on the 25th of May 2018 in all EU member states.