Data Access Control. Authorizations for Xxxxxxxxxx.Xxx IT systems and applications are set up exclusively by administra- tors. Authorizations are always granted according to the need-to-know principle. Accordingly, only those persons are granted access rights to data, databases or applications who maintain and service these data, applications or databases or are involved in their development. The prerequisite is a corresponding request for authorization for an employee by a supervisor. There is a role-based authorization concept with the option of differentiated assignment of access rights, which ensures that employees receive access rights to applications and data depending on their respective area of responsibility and, if necessary, on a project basis. Employees are generally prohibited from installing unauthorized software on IT systems. All server and client systems are regularly updated with security updates.
Appears in 5 contracts
Samples: Data Processing Agreement, Data Processing Agreement, Data Processing Agreement
