CommunityDEENDEENProductsCore ServicesRoadmapRelease NotesService descriptionCertifications and attestationsPrivate CloudManaged ServicesBenefitsSecurity/DSGVOSustainabilityOpenStackMarket leaderPricesPricing modelsComputing & ContainersStorageNetworkDatabase & AnalysisSecurityManagement & ApplicationsPrice calculatorSolutionsIndustriesHealthcarePublic SectorScience and researchAutomotiveMedia and broadcastingRetailUse CasesArtificial intelligenceHigh Performance ComputingBig data and analyticsInternet of ThingsDisaster RecoveryData StorageTurnkey solutionsTelekom cloud solutionsPartner cloud solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsEssentials trainingFundamentals training coursePractitioner online self-trainingArchitect training courseCertificationsCommunityCommunity blogsCommunity eventsLibraryStudies and whitepaperWebinarsBusiness NavigatorSupportSupport from expertsAI chatbotShared ResponsibilityGuidelines for Security Testing (Penetration Tests)Mobile AppHelp toolsFirst stepsTutorialStatus DashboardFAQTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiriesCommunity

0800 3304477 24 hours a day, seven days a week

Write an E-mail 

Book now and claim starting credit of EUR 250
ProductsCore ServicesPrivate CloudManaged ServicesBenefitsPricesPricing modelsPrice calculatorSolutionsIndustriesUse CasesTurnkey solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsCommunityLibraryBusiness NavigatorSupportSupport from expertsHelp toolsTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiries
  • 0800 330447724 hours a day, seven days a week
  • Write an E-mail 
Book now and claim starting credit of EUR 250
HomeBlogUseful Cloud Computing InformationObligation to social confidentiality: secure cloud for social service providers

Obligation to social confidentiality: secure cloud for 
social service providers

by Editorial team
A woman and a man hold a tablet together on which a graphic can be seen
With the obligation to maintain social service data secrecy in accordance with Section 35, SGB I, the Open Telekom Cloud facilitates the secure storage of social service data.

In this article you will read about,

  • why social service data must be particularly well protected, 
  • how Telekom meets this requirement with its commitment to maintaining social service data secrecy, 
  • and why social service providers can use the Open Telekom Cloud without hesitation.

In order for social service agencies such as the providers of statutory health insurance, pension insurance, long-term care insurance, as well as employment and social welfare offices, to be able to do their work, they need to collect a lot of personal and sometimes sensitive data from those being insured. Social service providers collect personal data such as name, address, and date of birth, but also information such as pension insurance or tax identification number, in order to be able to provide their services properly. All of this information is summarized under the collective term “social data”. The legislator classifies this personal data of natural persons as particularly worthy of protection. It is therefore subject to social secrecy in accordance with Section 35 of the German Social Code I (SGB I). "The laws stipulate that social insurance providers may only process the personal data stored and processed by them within a very narrow and purpose-bound framework and must protect this data by taking correspondingly high technical and organizational measures," says Antje Rom, a specialist in-house lawyer at Deutsche Telekom. They must protect the sensitive information from unauthorized access and misuse in the course of data processing and may only disclose it to authorized persons.

Obligation to maintain social service data secrecy according to Section 35 SGB I

If, for example, a statutory health insurance provider or a social insurance agency wants to host such information in an external cloud solution, this is not straightforward. "The IT service provider and its subcontractors must not only comply with the strict requirements of the German Social Code (SGB) and the GDPR, but also fulfill the obligation to maintain social service data secrecy if they process the personal data of individuals in the course of their services," says Antje Rom. In order to implement the data processing guidelines in compliance with the law, social service providers must take many legal as well as technical precautions. But individual agreements, contract adjustments, and lengthy coordination processes cost time and slow down digitalization plans. The Open Telekom Cloud has therefore already included the obligation to maintain social confidentiality in accordance with Section 35 SGB I as standard in all contracts in 2021. The cloud provider and all subcontractors involved in the service throughout the Group are thus committed to maintaining social confidentiality.

Secure foundation for digitalization processes

"The standard social data secrecy obligation for employees and service providers operating on the Open Telekom Cloud means that those providing social benefits can use the Open Telekom Cloud to host data covered by social service data secrecy in the cloud without any contractual adjustments or legal coordination," says Antje Rom. This gives insurers and public authorities a flexible, GDPR-compliant, and secure basis for their digitalization processes. To meet the high data protection requirements of laws, case law, and regulatory recommendations in the public administration, healthcare, and insurance sectors, Telekom hosts the Open Telekom Cloud exclusively in European data centers that are among the most secure and modern of their kind. It ensures that data processing only takes place within the European Union and that customers can take full advantage of the cloud's performance.

Cloud increases speed and flexibility

In addition to meeting high data protection requirements and using state-of-the-art services, the cloud offers further advantages. An adaptable IT infrastructure is essential for responding quickly and as needed to new requirements and unforeseeable events. The cloud offers social service providers a reliable and flexible basis for absorbing spontaneous peak loads without having to permanently reserve IT resources. This cuts costs and makes it easier to provide digital services to customers. But employees also benefit. With the cloud, government agencies and insurance providers can roll out the technological basis for digital processes and modern forms of work within a very short time. The result: increased efficiency, better customer centricity and increased value creation.

Widas Group: commitment enables even more secure access management from the public cloud

For many customers, these extensive security and data protection components of the Open Telekom Cloud are crucial. One example is the Widas Group, one of the leading European providers of Cloud Identity & Access Management. "With our login and multi-factor authentication solutions, we offer an IT security product ourselves. Of course, the security of the underlying infrastructure is crucial," explains Sadrick Widmann, CEO of Widas. In addition to a GDPR-compliant basis and hosting in Germany, the cloud for providing the services should cover as many regulatory requirements as possible, including meeting the requirements of social confidentiality bodies.
This is ensured by the obligation to maintain social confidentiality in accordance with Section 35 SGB I. In addition, the Open Telekom Cloud with the Financial Addendum also offers the possibility of use by BaFin-regulated companies as well as by professional secrecy holders through the obligation to protect secrets in accordance with Section 203 of the German Criminal Code (StGB). 

This content might also interest you
 

Monitors showing the cidaas user interface.

Access control: How cidaas by Widas protects user profiles and businesses

The Widas Group with cidaas relies on the public cloud as the basis for its software-as-a-service offering and benefits from the secure IT infrastructure from the Open Telekom Cloud.

 
A woman and a man point their fingers at a digital lock on a glass wall

Open Telekom Cloud opens up to professional secrecy holders

Professional secrecy holders can use the Open Telekom Cloud for storing and processing data without hesitation within the meaning of Section 203 of the German Criminal Code (StGB).

 
Skyline of Frankfurt am Main by night

Using the public cloud in compliance with BaFin requirements

BaFin-regulated companies must provide evidence of effective risk management - also in terms of IT. We have therefore supplemented our contractual terms and conditions.

 
Useful Cloud Computing InformationData Protection / IT-Security

The Open Telekom Cloud Community

This is where users, developers and product owners meet to help each other, share knowledge and discuss.

Discover now

Free expert hotline

Our certified cloud experts provide you with personal service free of charge.

 0800 3304477 (from Germany)

 +800 33044770 (from abroad)

 24 hours a day, seven days a week

Write an E-Mail

Our customer service is available free of charge via E-Mail

Write an E-Mail

AIssistant

Our AI-powered search helps with your cloud needs.

In order to use our AI-powered seach you must first accept the cookies for services by other companies.

Accept the cookies for services by other companies