UR/Elias Wiedemann Link to Data Protection - University of Regensburg (external link, opens in a new window)
Link to IT Security – University of Regensburg (external link, opens in a new window)
From the Guidelines on IT Security and Data Protection at the University of Regensburg (external link, opens in a new window) dated 11 December 2025:
A university thrives on knowledge and its production, dissemination and sharing.
In carrying out their duties, members of the university rely on the careful handling of data and information, reliable information technology (IT) and the appropriate protection of both personal data and other intellectual property, as well as the operational reliability of IT systems. At the same time, data and information must be reliably and conveniently accessible. Protection and availability form the equally important pillars of the effective handling of data and information. Added to this are the corresponding requirements for the secure and efficient operation of a public institution and compliance with mandatory legal provisions.
‘IT security’ supports and ensures these objectives at both the technical and organisational levels. Given the increasing degree of networking, the ever-growing distribution of information alongside the integration of IT services, and the parallel rapid rise in the number of cybercrime offences and cases of scientific and industrial espionage in recent years, the threat to the information technology in use has increased. This poses a threat to the fulfilment of our remit and to the safeguarding of the rights protected by constitutional law in the areas of academic freedom and research, as well as to the right to informational self-determination of the individuals concerned.
Given the numerous and, in some cases, very significant risks, a high level of awareness of IT security and data protection is expected of every member of the university. The required level of security awareness can only be achieved if, in particular, staff members are made aware of the challenges relating to IT security and data protection, are familiar with their own responsibilities and duties, and act in a responsible manner.
IT security and data protection are promoted in particular through the following behaviour:
- Security awareness in all work,
- Personal responsibility for taking proactive and effective reactive measures to ensure informed action in relation to all risks, vulnerabilities, incidents, information and assets
- Continuation of university operations in the event of an emergency, whilst the representatives for IT security and data protection are immediately informed in the event of any irregularities.
To achieve this security awareness, staff in particular are regularly informed about security-related topics and offered ongoing training sessions.
Security objectives
Computer systems, IT services and the university’s internal computer network are intended to support the university’s tasks in the areas of research, teaching, learning and administration.
This gives rise to the following strategic objectives:
- Ensuring the smooth running of research and teaching operations
- Resource-efficient use
- Establishing a continuous improvement process (CIP)