It has not been clarified in all respects under which circumstances a Outsourcing by persons who are subject to a Professional secrecy (such as doctors and lawyers). In Switzerland, Prof. Wohlers has stimulated this discussion by a Expert opinion, an essay in digma (Outsourcing durch Berufsgeheimnisträger, digma 2016, 114 et seq. [Swisslex]) and initiated by a presentation of (on May 27, 2016). The opinion expressed by Prof. Wohlers had sporadic practical effects (cf. e.g. here), but otherwise triggered a surprisingly quiet echo.
In Germany, an analogous discussion has been going on for some time and has led to a draft law there that is intended to legally regulate the outsourcing by professional secrecy providers, which is also unavoidable in Germany from a practical point of view (BR-Drs. 163/17, “Draft of a Law on the Reorganization of the Protection of Secrets in the Participation of Third Parties in the Exercise of the Profession of Persons Obliged to Maintain Secrecy”). However, the situation is different in Switzerland in that § 203 of the German StGB The Swiss Code of Criminal Procedure does not oblige auxiliary persons to observe professional secrecy, unlike, for example, Art. 321 of the Swiss Criminal Code. A legal regulation is therefore more likely in Germany than in Switzerland.
On January 24, 2017, the Conference of the Independent Data Protection Authorities of the Federal Government and the Länder agreed to voiced and made the following demand, which is also correct for Switzerland:
The Conference of the Independent Data Protection Authorities of the Federation and the Länder urges […] that the draft law be improved and the planned synchronize criminal and professional regulations with data protection regulations. It must be possible for holders of professional secrecy to consult external service providers. In the interest of the professional secrecy holder’s undisturbed exercise of his profession and the right to informational self-determination of the persons concerned, the obligations that affect the professional secrecy holder from different areas of law should, however, be structured in parallel as far as possible.
In Switzerland, too, what follows a dictate of practical necessity and is permissible under data protection law should not be prohibited under criminal law. The aforementioned “synchronization” of data protection with other regulations is, moreover, a general concern, including, for example, the Revision of the FINMA Circular Outsourcing.