The new Data Protection Act
The new Data Protection Act
Until the new FADP comes into force, the private sector and federal authorities will have to adapt their processing of personal data to the new provisions. The Commissioner has recorded what he considers to be the most significant changes:
The duty to provide information ensures that data processing is transparent and that the data subject’s rights are respected.
In accordance with the Federal Act on Data Protection, any person may request information from the controller of a data file as to whether their personal data is being processed.
Criminal aspects of breaches of obligations under the FADP.
Private- and public-sector data controllers must carry out a data protection impact assessment (DPIA) if data processing is likely to result in a high risk to the personality or fundamental rights of the data subjects.
It introduces changes for data processors and data subjects and provides the FDPIC with additional duties and powers.
In future, the FDPIC will charge private data processors for a number of his services.
The Data Protection Act allows companies to self-regulate. Those that appoint a data protection advisor and notify the FDPIC that they have done so will be subject to fewer data protection impact assessment requirements
Answers to common questions about data protection and privacy.
The current and future legal basis.