German DPA releases english translation of the Standard Data Protection Model

May 12, 2017


German DPA Releases English Translation of the Standard Data Protection Model

A German data protection authority (DPA) has published an English translation of the draft Standard Data Protection Model (SDM), which addresses the data protection goals of data minimization, availability, integrity, confidentiality, transparency, unlinkability and intervenability.

Specifically, the SDM provides an analysis of the relationship between the legal requirements found in the EU General Data Protection Regulation (GDPR), and the selection and implementation of data protection measures. In doing so, it includes a specific set of data security measures, as well as a methodology for the practical implementation of the GDPR’s requirements.

The goal of the SDM is two-fold:

• First, it is designed to assist DPAs in conducting “more transparent and upright reviews of technical and organizational data protection measures” in an effort to ensure that “transparent plausible, [and] reliable judgments” are reached.

• Second, it provides companies with “a methodology for assessing the efficacy of data protection measures required by data protection regulations” and guidance on how to “systematically plan, implement and continuously monitor” those measures.

An international version of the SDM is also being prepared. It will “focus even more closely on the aspects of the operationalization of fundamental rights by an appropriate selection and implementation of organizational measures and technical functionalities.”

The SDM is currently being reviewed by German DPAs, after being unanimously and affirmatively acknowledged (under abstention by Bavaria) by the 92nd Conference of the Independent Data Protection Authorities of the Bund and the Länder.

A final draft is expected to be released later this year, with revisions set to take place after May 2018, when the GDPR comes into force.

Read the full draft here.

You may also like


Privacy Management

Managing data transfers within the UK & EU

Join our experts as we discuss ways to effectively manage data transfers between the UK & EU while staying compliant with the latest privacy regulations.

October 31, 2023

Learn more


Data Discovery & Security

A guided tour of OneTrust Data Discovery magic

Our expert speaker will demonstrate how common real-world data challenges can be identified, addressed, and reported on, leading to better data governance, security, and alignment with business goals. 

October 26, 2023

Learn more


Data Discovery & Security

Data minimization and risk assessment in data discovery

Explore the concept of data minimization and its crucial role in enhancing security, privacy, and reducing risk.

October 19, 2023

Learn more