Michael Kleist, Area Vice President DACH at CyberArk

Data Privacy Day is celebrated on 28 January – an event that regularly encourages discussion about data protection and privacy. In Germany, data protection has traditionally been highly valued, as debates about data protection in the context of increasing digitalisation and the use of artificial intelligence repeatedly show. One current example is the introduction of electronic patient files (ePA) on 15 January, which are now available to everyone with statutory health insurance. However, there are concerns regarding access control, the protection of sensitive health data and possible security vulnerabilities in the system. The use of the electronic patient file is regulated by the Patient Data Protection Act (PDSG), which obliges health insurance companies to offer an electronic patient file and at the same time ensures that data sovereignty remains with the insured.

Even though laws and regulations require organisations to comply with data protection and privacy, the work is far from done, and this year’s Data Privacy Day motto, ‘Take control of your data’, reminds us that everyone has a role to play in protecting privacy. True control requires action, vigilance and collaboration from all of us.

It is important that business and IT leaders continue to prioritise proactive data protection measures, as the challenges ahead are formidable. The ever-increasing amounts of data, the rapid advances in technologies such as AI and, of course, the ever more complex threats require our full attention.

A crucial building block here is identity security – for human as well as non-human identities. The use of identity management solutions and the protection of user data are essential steps to minimise risks. By prioritising identity security, organisations and individuals alike can take significant steps towards truly retaining data sovereignty.