IT Baseline Protection Manual S 1.30 Safeguarding of data media containing data on telecommunications charges

S 1.30 Safeguarding of data media containing data on telecommunications charges

Initiation responsibility: PBX officer; departmental data privacy officer

Implementation responsibility: Administrators

During the operation of PBX facilities, call data are generated. These contain information on:

Call data are personal data within the meaning of the relevant federal and state data protection laws. This means that, even where the IT baseline protection measures proposed below are applied, a separate review must in any case be made with regard to the requirements of data protection laws (e.g. the Annex to Section 9 of the Federal Data Protection Act - BDSG).

Such data can be stored both on the fixed disk of the PBX itself and on an external customer billing computer. In many cases, both variants will be combined. Where possible, computers must be protected in such a way that only authorised persons can access the call data. To achieve this, the billing computer must be installed in a specially protected room (cf. Chapter 4.3.2 - Server Room). For systems in which call data are stored, safeguards S 1.23 Locked doors, S 2.5 Division of responsibilities and separation of functions, S 2.6 Granting of site access authorisations, S 2.7 Granting of system/network access authorisations, S 2.8 Granting of (application/data) access rights, S 2.13 Disposal of resources requiring protection, and S 2.17 Entry regulations and controls must be implemented as well.

Additional controls:


© Copyright by
Bundesamt für Sicherheit in der Informationstechnik
July 1999