Legally compliant scanning. BSI-certified.
Legally compliant scanning according to BSI TR-RESISCAN for tamper-proof digitisation. Meets the requirements of the Technical Guideline RESISCAN from the German Federal Office for Information Security (BSI).
With Docuflair TR-RESISCAN, your digital copy receives the same legal evidential value as the paper original.
Full compliance with the Technical Guideline TR-RESISCAN from the German Federal Office for Information Security.
Digital documents receive the same legal standing as the paper original through substitute scanning.
Comprehensive audit trail documents every step of the scanning process for maximum transparency.
A single software installation is all it takes. No complex infrastructure required.
See how simple legally compliant scanning can be
From authentication to digital signature
Login at the device before scanning for clear identification
Scanning with preview directly at the multifunction device
Visual verification and quality control in the browser
Automatic documentation of the scanning process with all relevant metadata
Legally binding signature of the PDF/A document
Everything for legally compliant and BSI-certified scanning
Secure login at the device before each scan for unambiguous attribution.
Immediate verification of scan results directly at the multifunction device.
Automatic logging of scan time, device data and processing results.
Archive-ready format for long-term storage and readability.
Comprehensive documentation of all steps for compliance and auditing.
One software, quick setup, no complex infrastructure required.
The Technical Guideline from the German Federal Office for Information Security for substitute scanning
BSI TR-03138 (Technical Guideline for Substitute Scanning - RESISCAN) defines security-relevant technical and organisational measures for scanning processes where the paper original is to be destroyed after digitisation.
The aim is to ensure the evidential value of the scan product is as close as possible to that of the original.
TR-RESISCAN consists of the main document and several annexes:
Version 1.5 extends TR-RESISCAN to include the option of mobile substitute scanning. This enables the substitute digitisation of paper originals using mobile devices (smartphone, tablet) with a suitable scanning app.
TR-RESISCAN uses a modular system of base and extension modules
Basic requirements for all protection categories
Additional measures for high protection needs
Measures to protect sensitive data
The protection requirement determines the necessary modules and measures
The damage impact is limited and manageable. Standard business documents without special requirements.
The damage impact can be considerable. Documents with legal relevance or personal data.
The damage impact can be existential. Highly sensitive documents, critical infrastructure records.
The protection requirement is determined separately for each of the three protection goals:
TR-RESISCAN as "state of the art" in German legislation
The E-Government Act requires German federal agencies to maintain electronic records. Section 7 references TR-RESISCAN as the state of the art for substitute scanning.
The Code of Civil Procedure governs the evidential value of scanned public documents. TR-RESISCAN-compliant scans are recognised as evidence in court.
The Principles of Proper Accounting and Record-Keeping govern digital bookkeeping. TR-RESISCAN complements the tax law requirements.
Electronic legal communication at courts enables the submission of substitute-scanned documents as evidence in accordance with TR-RESISCAN.
Various options for demonstrating guideline conformity
Official confirmation by the BSI
Comprehensive assessment of all requirements in Annex P by accredited test centres. Highest level of evidence.
Practice-oriented VOI-CERT certification
Alternative to BSI certification with reduced effort. Assessment based on Annex P of TR-RESISCAN.
Self-responsible conformity declaration
The organisation declares TR-RESISCAN compliance on its own responsibility. Sufficient for many tenders.
TR-RESISCAN serves as a practice-oriented guideline for proper scanning processes - without mandatory certification. Docuflair supports you on all three paths to conformity.
Automated compliance for all modules of the technical guideline
The Technical Guideline RESISCAN defines binding standards for substitute scanning
Full compliance with all requirements of the Technical Guideline for substitute scanning.
Cryptographically secured document capture prevents subsequent modifications.
Digital documents receive the same legal evidential value as the paper original.
PDF/A format and digital signature ensure permanent storage.
Comprehensive audit trail documents every step of the scanning process.
Legally binding digital signature guarantees integrity and authenticity.
Understanding the German standard for legally compliant substitute scanning
TR-RESISCAN is a Technical Guideline issued by the German Federal Office for Information Security (BSI). It establishes requirements for the legally compliant digitisation of paper documents.
The guideline enables "substitute scanning" - a process where paper documents are digitised with full legal evidential value, allowing the original to be safely destroyed.
While originating in Germany, TR-RESISCAN represents best practice for legally compliant document digitisation applicable to organisations handling German documents or operating in German-speaking markets.
Organisations with high compliance requirements
Public administrations requiring legally compliant digitisation according to BSI specifications.
Companies with high compliance requirements and the need for substitute scanning.
Institutions that wish to digitise and archive paper collections in a legally compliant manner.
TR-RESISCAN is a Technical Guideline from the German Federal Office for Information Security (BSI). It defines requirements for legally compliant substitute scanning, where paper documents are digitised and the originals can subsequently be destroyed whilst maintaining full legal evidential value.
TR-RESISCAN is particularly relevant for government agencies, public institutions, companies with high compliance requirements, and all organisations that wish to legally destroy paper documents after scanning whilst retaining full evidential value.
The transfer note documents the scanning process and confirms the correspondence between original and digital copy. It contains information such as scan date, scan operator, settings used and verification results - essential for the evidential value of the digital document.
Visual inspection is an essential part of the TR-RESISCAN process. After scanning, the digital document is compared with the original on screen. The inspector confirms completeness and legibility - this is documented in the transfer note.
For TR-RESISCAN-compliant scanning, you need a suitable scanner, the Docuflair TR-RESISCAN software, and optionally a screen for visual inspection at the device. The software guides you through the entire process and ensures compliance with all requirements.
Yes, when the TR-RESISCAN process is carried out correctly, the original document can subsequently be destroyed. The digital document with transfer note then has the same evidential value as the original.
All documents are stored in PDF/A format, an ISO standard for long-term archiving. Additionally, they are digitally signed and tagged with metadata. This ensures that documents remain readable and verifiable for many years to come.
Implementation is very quick: by installing a single piece of software, legally compliant scanning according to TR-RESISCAN is available to you within minutes. Integration with existing systems is seamless through standardised interfaces.
The base module contains the minimum requirements for all protection categories - from user authentication to the transfer note. The extension modules (Integrity and Confidentiality) apply when there is increased protection need and define additional measures such as digital signatures, encryption and extended access controls.
No, certification is generally not mandatory. TR-RESISCAN serves as a practice-oriented guideline for proper scanning processes. There are three paths to conformity: official BSI certification, the "TR-RESISCAN ready" certificate (VOI-CERT), or a self-declaration with process documentation.
Version 1.5 (December 2024) introduces mobile substitute scanning. This enables TR-RESISCAN-compliant digitisation using mobile devices such as smartphones or tablets with a suitable scanning app. Particularly relevant for field service and decentralised locations.
The German E-Government Act (Section 7 EGovG) requires federal agencies to maintain electronic records and references TR-RESISCAN as state of the art. The Code of Civil Procedure (Section 371b ZPO) governs the evidential value of scanned public documents. The GoBD (principles of proper accounting) also complements TR-RESISCAN for tax-relevant documents.
The protection requirement is assessed separately for the three protection goals: Integrity, Confidentiality, and Availability. The categories are: Normal (limited damage impact), High (considerable impact), and Very High (existential impact). Depending on the classification, the base module and/or extension modules are required.
Contact us for a personal consultation or request a demo of Docuflair TR-RESISCAN.