GDPdU

Principles for data access and verifiability of digital documents.

Digital documents are an integral part of today's business environment. In January 2002, the German fiscal authorities recognised this and, in the context of the tax reduction legislation from the year 2000, enacted laws regarding the storage or safe keeping of digital documents and the requirement for firms to cooperate with the requirements for external audits. The laws ensure that the auditor has wide reaching access rights to the data handling systems of companies in Germany.

Paragraph 2b

In January 2009, as part of changes to the annual tax law, new consequences were set out for failing to comply with GDPdU principles. In an amendment to §146, paragraph 2b states that if the GDPdU principles are not fulfilled, a fine of between €2,500 and €250,000 can be levied.

Organizations have no alternative but to take compliance seriously. FILERO is being used by organizations to conform to the latest legal requirements. nexMart uses FILERO as part of its legally compliant digital signature solution: www.nexmart.de.

The principles of GDPdU

All paper and electronic documents must be accessible on request for the tax auditor in a manner where they are included in accordance with the accruals concept for each relevant business transaction/customer record:

 

  • Accounting journals, Master data
  • Offers, Contracts, Delivery Reports, Invoices etc
  • Payroll Accounting (also travel expenses and reports etc.)
  • Time Recording Systems, Cash Balance for PC Cash Points

For this reason, it makes little sense to use solutions such as an e-mail appliance that only stores and retrieves emails via a search capability. In FILERO, all data is stored sequentially and logically according to project or customer for example. Simple to configure but powerful access right settings mean that the auditor can be restricted to seeing only tax-relevant data and not other sensitive information. This is particularly important, as the auditor is within his rights to use all information at his disposal.

All data must be accessible for a period of ten years. The data must be stored in its original form and should be accessible even if the format is no longer supported. With FILERO this is no problem. All data is stored in its original format and can be retrieved even when no longer supported - because FILERO stores the information as a 'bit stream'.

The auditor has wide ranging access to data for auditing purposes. There are 4 different types of access:

Different access methods according to the German law GDPdU

  • Z0-Access: Standard Audit
  • Z1-Access: Direct Access Access at the company’s premises using their hard- and software so that the auditor can analyze and audit the data
  • Z2-Access: Indirect Access The company staff creates the data analysis according to the auditor’s demands
  • Z3-Access: Handover of Data Volumes Handover of electronic data media in machine readable format. The auditor examines and audits the data using the IT of the fiscal authorities.

Organizations need to be prepared for the different audit methods listed above.

Outsourcing the management and storage of data for auditing purposes is possible, but it should be noted that this does not absolve companies of their obligations. If data has not been managed correctly, the responsibility ultimately lies with the organization where the data originated, not with the hosting organization. The best way for a company to protect itself from such consequences is to implement a professional and integrated IT solution.

Video: FILERO

Life can be so easy - with FILERO!

Our new products at CeBIT 2016: FILERO ADAS and...

Find out more about FILERO ADAS and FiPost - two new products that enrich our product range and support an even more...

Companies and Organizations are going Mobile

Office applications must change!