Discover Germany | Special Theme | Safety & Security
Board members Manuela Matz, attorney and Professor Dr. Dirk Loomans, CEO of Loomans & Matz AG.
Loomans & Matz AG’s employees.
Everyone can guarantee data security
– with the right advice and systems General Data Protection Regulation (GDPR) is currently an important topic for the consultants at Loomans & Matz AG, based in Mainz. With this regulation, the European Union introduced a homogeneous data and privacy law that will be compulsory for European companies from May 2018 onwards. TEXT: JESSICA HOLZHAUSEN | PHOTOS: LOOMANS & MATZ AG
Fulfilling the GDPR’s legal requirements is quite a challenge for many companies – even for those operating in countries with already strict laws like Germany. But violating these new regulations would entail drastic penalties, which was until now not the case, warns Professor Dr. Dirk Loomans, CEO of Loomans & Matz AG: “These could be up to 20 million euros or four per cent of consolidated sales – depending on what is higher.” This is a risk no-one probably wants to take, especially since cases have already been reported where authorities tried to review the new requirements even though they are not even in place.
instance, Loomans & Matz helped SAP to introduce such a data security system. In 2014, Loomans & Matz wrote a practical guide for data privacy management systems together with Michael Wiedemann (SAP), describing the process including small and medium-sized companies. Consultants working for Loomans & Matz have many years of experience, but come from very different backgrounds. The two heads of the company are a physicist and a lawyer, others are economists, natural or political scientists, IT experts and even teachers. “This is why we can effectively work together with all areas in a company and do not have to leave tasks to third parties.”
Loomans & Matz is one of the very few consultancies that actually have years of experience with said processes. In 2011 for
According to GDPR, companies must adapt their overall IT structures. They will be obligated to report relevant data breaches
88 | Issue 55 | October 2017
within 72 hours.“Everyone who ever had to deal with IT processes knows how incredibly short that time period is,”says CEO and lawyer Manuela Matz. This is why companies need to establish data security processes accordingly and as soon as possible. Last but not least, GDPR requires that data security will be handled as a riskorientated process that is constantly improved and not as a technical measure that, once installed, never needs to be touched again, explains Matz:“Companies have to be aware that it is now necessary to establish a management system that will be refined over the years.” www.loomans-matz.de Loomans & Matz AG’s employees.