Amend­ment of the Regu­la­ti­on on Data Pro­tec­tion Certifications

The Fede­ral Coun­cil has adopted the Ordi­nan­ce on Data Pro­tec­tion Cer­ti­fi­ca­ti­ons (VDSZ; the Fede­ral Office of Justi­ce has Expl­ana­ti­ons published, and seve­ral Gui­de­lines of the FDPIC) updated. The VDSZ pro­vi­des that pro­ce­du­res and pro­ducts for pro­ce­s­sing per­so­nal data can be cer­ti­fi­ed by accre­di­ted cer­ti­fi­ca­ti­on bodies. For the cer­ti­fi­ca­ti­on and to deter­mi­ne the qua­li­fi­ca­ti­on of the respon­si­ble per­son­nel, the regu­la­ti­on refers to ISO stan­dards in the ver­si­on of a cer­tain year. Now, the VDSZ no lon­ger refers to a spe­ci­fic edi­ti­on of the regu­lar­ly chan­ging ISO stan­dards, but gene­ral­ly to the inter­na­tio­nal­ly aut­ho­ri­ta­ti­ve requi­re­ments appli­ca­ble to Switz­er­land. This chan­ge came into force on Novem­ber 1, 2016.