Data Exchange to other Systems
다른 시스템에 수작업으로 데이터를 입력하는 수고를 최소화하기 위해, 3rd Party 시스템(Example : CAMDS)의 특별한 상황하에서 IMDS 데이터를 사용하는 방법을 찾고자하는 공급업체의 초기 제안이 있었습니다. 결과적으로 IMDS운영위원회는 IMDS 데이터를 특별한 조건하에서 외부 시스템으로 전송하는 것을 허용하기로 하였습니다.
How this can be done is defined in the IMDS-AI contract with the respective company and in the IMDS-AI Terms and Conditions. Any responsibility to adhere to the agreed rules is with the data-forwarding company.
The IMDS Steering Committee defined the following criteria which need to be met by the target system:
Target System Requirements
- Defined by the SC WG Data Use -
These criteria are defined by and may only be changed by the IMDS Steering Group according to the rules set forth in the respective member contracts (IMDS Service Level Agreements).
2. General Scope and Area of Accountability
- All companies using IMDS are focusing on automatic data transfer via IT systems.
- The company signing the IMDS-AI agreement is taking the responsibility that the target systems respectively the users of the target systems are fulfilling the following requirements.
3. General Requirements to allow Data Exchange
All Users of target system(s) have to acknowledge and comply with:
- It must be ensured that all requirements regarding the data usage as defined in the IMDS ToU are kept (E.g. “Material data provided by a Data-Providing USER must not be used for cost and market research studies. In particular, the data shall not be used to generate or serve as a technical data sheet for products or materials or safety data sheet for substances and preparations. It shall not be used to describe or evaluate the quality of the corresponding goods or services [see (5) IMDS ToU]. Any further use and purpose needs to be approved by representatives of Data-Providing and Data-Receiving USER in advance.”).
- No data access for third parties as defined in the IMDS ToU, i.e. “The USER shall not be entitled to make the IMDS data available to the public or to transfer the IMDS data to any third party outside the automotive industry for such third party’s commercial interest”.
- Only recipients defined by sender have access to the data, no publication of the data outside the systems (b2b or authorities).
- No systematic analysis of data by any third party.
- No disclosure of supply chain.
- Usage only for compliance issues (including substance / material evaluation for LCA without relation to suppliers or costs).
- No unauthorized transfer of data from the third-party system to other systems (no forwarding).
- The target system vice versa has to allow data transfer to IMDS.
4. Security Requirements / Security Criteria to allow Data Use
IMDS demands from IMDS download companies that they make sure that target systems meet the security criteria in order to protect their own data and the data provided by IMDS as defined in the following:
- The general IT infrastructure has to fulfill common IT security standards.
- Target systems shall conform to the international standard ISO/IEC 27001:2013 (Information technology – Security techniques – Information security management systems – Requirements).
You can also download these critera as a pdf document (25 KB).