Principles for data access and verifiability of digital documents.

Digital documents are an integral part of today's business environment. In January 2002, the German fiscal authorities recognised this and, in the context of the tax reduction legislation from the year 2000, enacted laws regarding the storage or safe keeping of digital documents and the requirement for firms to cooperate with the requirements for external audits. The laws ensure that the auditor has wide reaching access rights to the data handling systems of companies in Germany.

Paragraph 2b

In January 2009, as part of changes to the annual tax law, new consequences were set out for failing to comply with GDPdU principles. In an amendment to §146, paragraph 2b states that if the GDPdU principles are not fulfilled, a fine of between €2,500 and €250,000 can be levied.

Organizations have no alternative but to take compliance seriously. FILERO is being used by organizations to conform to the latest legal requirements. nexMart uses FILERO as part of its legally compliant digital signature solution:

The principles of GDPdU

All paper and electronic documents must be accessible on request for the tax auditor in a manner where they are included in accordance with the accruals concept for each relevant business transaction/customer record:


  • Accounting journals, Master data
  • Offers, Contracts, Delivery Reports, Invoices etc
  • Payroll Accounting (also travel expenses and reports etc.)
  • Time Recording Systems, Cash Balance for PC Cash Points

For this reason, it makes little sense to use solutions such as an e-mail appliance that only stores and retrieves emails via a search capability. In FILERO, all data is stored sequentially and logically according to project or customer for example. Simple to configure but powerful access right settings mean that the auditor can be restricted to seeing only tax-relevant data and not other sensitive information. This is particularly important, as the auditor is within his rights to use all information at his disposal.

All data must be accessible for a period of ten years. The data must be stored in its original form and should be accessible even if the format is no longer supported. With FILERO this is no problem. All data is stored in its original format and can be retrieved even when no longer supported - because FILERO stores the information as a 'bit stream'.

The auditor has wide ranging access to data for auditing purposes. There are 4 different types of access:

Different access methods according to the German law GDPdU

  • Z0-Access: Standard Audit
  • Z1-Access: Direct Access Access at the company’s premises using their hard- and software so that the auditor can analyze and audit the data
  • Z2-Access: Indirect Access The company staff creates the data analysis according to the auditor’s demands
  • Z3-Access: Handover of Data Volumes Handover of electronic data media in machine readable format. The auditor examines and audits the data using the IT of the fiscal authorities.

Organizations need to be prepared for the different audit methods listed above.

Outsourcing the management and storage of data for auditing purposes is possible, but it should be noted that this does not absolve companies of their obligations. If data has not been managed correctly, the responsibility ultimately lies with the organization where the data originated, not with the hosting organization. The best way for a company to protect itself from such consequences is to implement a professional and integrated IT solution.

Professional information management with FILERO...

FILERO, the leading web-based enterprise information management solution, is now offering an interface to MetaDirectory...

Systematic digitalization at Poultry Farm...

The digital transformation is in full progress and is leading to fundamental changes throughout the entire business...

FILERO – Time tracking with timeBuzzer

How simple it can be: buzz, work, buzz – tracking your working time is easy with the FILERO Enterprise Information...