DIN Standards are the results of work at the national, European and/or international level. Anyone can submit a proposal for a new standard. Once accepted, the standards project is carried out according to set rules of procedure by the relevant DIN Standards Committee, the relevant Technical Committee of the European standards organization CEN (CENELEC for electrotechnical standards) or the relevant committee at the International Standards Organization, ISO (IEC for electrotechnical projects).
DIN Standards are reviewed at least every five years. If a standard no longer reflects the current state of technology, it is either revised or withdrawn.
The 3 Protection Classes of DIN 66399
The protection requirement of your data is classified into three different classes. The type of data is checked to determine the protection requirement. This identifies which need for protection is required, and therefore the protection class.
|Protection 1: Normal security requirement for internal data.||Unauthorized publication or dissemination would have a limited negative impact on the company. Protection of personal data must be ensured. There would otherwise be a risk to the position and financial situation of the affected persons.|
|Protection 2: High security requirement for confidential data.||Unauthorized dissemination would have a considerable affect on the company and could infringe legal obligations or laws. The protection of personal data must fulfill strict requirements. There would otherwise be a considerable risk to the social standing and financial situation of the affected persons.|
|Protection 3: Very high protection requirements for particularly confidential and secret data.||Unauthorized dissemination would have serious terminal consequences for the company and infringe trade confidentiality obligations, contracts or laws. It is essential that the confidentiality of personal data is maintained. Otherwise there is a risk to the health and safety or personal freedom of the affected persons.|