Public Procurement and Cloud Service Providers in Germany

This report examines the regulations, rules and procedures surrounding procurement, and more specifically cloud procurement, in Germany. We provide a snapshot of the laws, regulations, and guidance that may impact cloud uptake and outsourcing in public, financial, and healthcare sectors.

Germany’s Digital Agenda 2014-2017 promoted digitalisation, internet use, technical skills, the buildout of e-government services, and movement towards broader cloud adoption — according to the federal government, successfully. In March 2016, the Federal Ministry of Economic Affairs and Energy released the new digital strategy, Digitale Strategie 2025, which notably implied that cloud can help meet goals.

In 2015, German IT officials agreed on terms for public sector cloud use under Resolution 2015/5 of the federal government’s IT Council. Under this resolution, Germany began developing the ‘Bundescloud,’ a cloud for federal government data hosting incorporating strict data protection and privacy schemes for government agencies.

The Resolution requires Bundescloud providers to sign a non-disclosure agreement promising to refrain from giving access to German data in foreign jurisdictions, such as the US, as well as requiring that sensitive information be stored on servers in Germany. Under these terms, the German government is only allowed to use cloud service providers (CSPs) certified by the government’s IT security office, the BSI, under the Cloud Computing Compliance Controls Catalogue (C5). In 2016, the BSI set C5 requirements as the mandatory minimum baseline for German government agencies to adopt public cloud solutions.

As experts in the field of regulatory policy, Access Partnership have the knowledge and expertise to help guide clients through the cloud procurement landscape. Our public policy specialists have a thorough understanding of the regulatory environment across Germany, the EU, and its member states, and possess extensive sector-specific knowledge, particularly in the fields of finance and health. These attributes allow us to provide our clients with comprehensive solutions to help achieve their goals with minimal fuss.

This report examines the regulations, rules and procedures surrounding procurement, and more specifically cloud procurement, in Germany. We provide a snapshot of the laws, regulations, and guidance that may impact cloud uptake and outsourcing in public, financial, and healthcare sectors.

Download the report here.

Related Articles

Unlocking Indonesia’s Digital Future: Secure Cloud Adoption in Financial Services

Unlocking Indonesia’s Digital Future: Secure Cloud Adoption in Financial Services

Indonesia’s financial services sector stands at a critical inflection point. While cloud technologies offer unprecedented opportunities for innovation, efficiency, and...

17 Apr 2025 Reports
Unlocking Generative AI’s Potential: Small and medium sized businesses (SMBs) as a catalyst for growth and workforce transformation

Unlocking Generative AI’s Potential: Small and medium sized businesses (SMBs) as a catalyst for growth and workforce transformation

Generative AI has quickly become one of the most transformative technologies of our time. With its ability to process vast...

16 Apr 2025 General
Fortifying the Middle East’s Digital Future: The economic benefits of investing in cybersecurity in the UAE

Fortifying the Middle East’s Digital Future: The economic benefits of investing in cybersecurity in the UAE

Having a secure digital ecosystem is now key to economic growth and security for the UAE. Transactions and business operations...

10 Apr 2025 General
Bridging Access for All: Why does enhancing mobility matter for Japan?

Bridging Access for All: Why does enhancing mobility matter for Japan?

Access Partnership and the International University of Japan’s Centre for Global Communications (GLOCOM) Release Economic Study on Enhancing Mobility in...

25 Mar 2025 General