Data Protection act, Switzerland // IT Management Solutions

Data Protection act, Switzerland

Casting a critical eye over
b) deliberations of the Federal Parliament and Parliamentary Committees; c) pending civil, penal, or international legal assistance proceedings, or public or administrative law proceedings, with the exception of administrative proceedings of the first instance; d) public registers relating to private law matters;

e) personal data processed by the International Committee of the Red Cross.

Article 3 Definitions

The expressions below shall be defined as follows:

a) personal data: all information relating to an identified or identifiable person, b) persons affected: the physical or legal persons about whom data is processed, c) sensitive personal data: data relating to:

1. religious, philosophical, political or trade union-related opinions or activities,

2. health, sexuality or racial origin,

3. social security files,

4. criminal or administrative proceedings and penalties;

d) personal profile: a collection of data that allows the appraisal of fundamental characteristics of the personality of a natural person; e) processing: any operations relating to personal data, irrespective of the equipment and procedures used, and in particular the collection, storage, use, modification, communication, archiving or the destruction of data; f) disclosure: rendering data accessible, for example by allowing access to data by either transferring, distributing, or publishing the data; g) file: a collection of personal data whose structure facilitates a search for data on a particular individual; h) Federal authority: the authorities or departments of the Swiss Confederation as well as any persons working for the Swiss Confederation; j) file controller: the private persons or Federal authorities who decide on the purpose and the content of the file; k) law, in the formal sense:

1. Federal acts and generally binding federal decrees subject to referendum

2. resolutions of international organisations that are binding on Switzerland and international law treaties that have been ratified by the Federal Assembly and that have legislative content.

Article 4 Principles

1 All processing of personal data must be undertaken in a lawful manner.

2 Processing must be conducted in good faith and must not be excessive.

3 Personal data may only be processed for the purpose either for which it was collected, or which is evident from the circumstances, or which is provided for by the law.

Article 5 Data accuracy

Whoever processes personal data must ensure that the information is correct. Any persons affected can request the rectification of inaccurate data.

Article 6 Transborder data flows

1 No personal data may be transferred abroad if the personal privacy of the persons affected could be seriously endangered, and in particular in cases where there is a failure to provide protection equivalent to that provided under Swiss law.

2 Whoever wishes to transmit data abroad must notify the Federal Data Protection Commissioner beforehand in cases where:

a) there is no legal obligation to disclose the data and

b) the persons affected have no knowledge of the transmission.

3 The Federal Council shall regulate the notification procedure in detail. It may provide for a simplified notification procedure or exemptions from the duty to notify in the event that the processing does not endanger the privacy of the persons affected.

Article 7 Data security

1 Personal data must be protected against unauthorised processing by appropriate organisational and technical means.

2 The Federal Council shall enact more detailed provisions on the minimum data security measures.

Article 8 Right of information

1 Anyone may ask a file controller if data stored relating to him is being processed.

2 The file controller must provide information on:

a) all data relating to the individual that is contained in the file;

b) the purpose and if necessary the legal basis for the processing, the categories of processed data, the individuals involved in processing the file, and the individuals designated to receive the file.

3 The file controller may disclose data relating to the health of an affected person to that person via a doctor designated by the person.

You might also like

The Political Meaning of Election 2001

by justyouraveragecitizen

The Political Meaning of Bush v. Gore
Peter Gabel
In the early afternoon of December 8, 2000—five weeks into the national debate about who had won the presidential election and four days before the United States Supreme Court settled the matter—San Francisco's 24 Divisidero bus was making its way along its cross-town route. On the surface, everything seemed normal on that bus—the passengers isolated in their passive roles, staring blankly straight ahead or looking aimlessly out of their windows, each avoiding eye contact with the other, proceeding along on the conveyor belt of social alienation that has imprisoned so many of us so much of the time for the last twenty years.
Then suddenly a big guy in a brown leather jacket got on the bus at Haight Street and shouted, 'The Florida Supreme Court decided for Gore 4–3!' Instantly, p…

Springer The Emergence of Personal Data Protection as a Fundamental Right of the EU (Law, Governance and Technology Series / Issues in Privacy and Data Protection)
Book (Springer)

VA releases internal audit summary of scheduling practices  — FedScoop
FedScoop reported earlier this week that VA has known for more than a year of serious weaknesses in VistA's identity and access management controls, as well as the scheduling module's overall integration into the enterprise electronic health record system.

Springer Beyond Data Protection: Strategic Case Studies and Practical Guidance
Book (Springer)
INTERNATIONAL MONETARY FUND Current Developments in Monetary and Financial Law, Vol. 5

Related Posts

Copyright © . All Rights Reserved