The Online Access Act
The Online Access Act
Digitalisation is progressing
The Online Access Act (OZG) was passed in 2107 with the aim of making all administrative services in Germany digitally available by 2022. In future, citizens will be able to access and use administrative services regardless of their location via a user account with electronic identification. To achieve this, the federal and state governments must merge their administrative portals into a joint portal network.
The aim of the law
In a global comparison, Germany is lagging behind in terms of digitalisation. The Online Access Act is intended to drive digitalisation in Germany. The main aim of the OZG is to make electronic access to public authorities direct, uncomplicated and secure. As a first step, the administrative portals of all federal, state and local authorities must be linked to form a portal network, i.e. a virtual portal. This means that, after a one-off registration, the user accounts of citizens provided in the portal network can use all services offered from any location.

The aim is to make it possible to find and access online administrative services in a transparent, cross-administrative manner, in just a few steps, regardless of location and without barriers. The IT Planning Council of the Federal Ministry of the Interior, Building and Community (BMI) has identified a total of 575 online administrative processes. 115 of these relate to the federal level, while the rest are the responsibility of the federal states and local authorities. These include, for example, re-registration at the residents' registration office, child benefit applications and business registrations.
The user accounts
The individual user accounts must be set up once by citizens and are intended to ensure that the data required to use the administrative service does not have to be re-entered each time. Authentication depends on the required confidentiality of the individual service.
The authentication options will be:
User password combination
eID function of the ID card or electronic residence permit
In addition, the user account should enable electronic communication with the relevant competent authority via a message mailbox.
This also means that in future, the master data of citizens and companies will be available centrally in the portal network and can be exchanged between authorities. This naturally requires the consent of the respective users.

Sounds so simple, but it's not
The implementation of the law poses considerable challenges for public administrations. On the one hand, these arise from the legal framework set by the OZG and, on the other, from compliance with existing and expected laws. The law itself makes compliance with IT security mandatory for all bodies - fortunately. The BSI baseline protection and the implementation of information security as a process in the sense of an information security management system (ISMS) are recommended as a working basis.
Within our [secure]check we check the status of your information security management system (ISMS). If you are interested, please get in touch with us!
Find out more about the specific challenges facing federal, state and local authorities, as well as the technical requirements and IT security, in the second part of this blog series next week.
