Submitted text
The Federal Council is instructed to submit a draft amendment to the Federal Law of March 20, 1981 on Accident Insurance (UVG), with the Case management measures included in the statutory duties of the bodies entrusted with the implementation of this Act. be made. In view of this, the amendment also creates the legal basis for processing personal data, including personal data requiring special protection and personality profiles. For such data processing, the consent of the data subject shall be required. The consent must be given in writing or in another form that allows proof by text.
In the event that the revision of the Federal Data Protection Act (FADP) is adopted, a legal basis for profiling within the meaning of the new FADP should be provided instead of a legal basis for the processing of personality profiles.
Justification
Case management measures are not part of the catalog of tasks under the UVG. Consequently, the bodies entrusted with the implementation of this Act cannot rely on this Act for the processing of personal data with regard to such measures. In this case, exclusively Article 17(2)(c) DPA applicable. The accident insurers may thus use personal data for case management measures Only exceptionally and after obtaining consent process the data subject in the individual case. These requirements impair the effectiveness of the measures and threaten to prevent their development and the associated benefits for the insurance companies and the data subjects.
For the case management measures, particularly sensitive personal data must be processed, but personality profiles must also be created. The legal basis for processing must therefore also include these special categories of personal data.
The draft revision of the DPA abolishes the concept of personality profile and introduces the concept of profiling. If the draft revision is adopted, the legal basis in the DPA must be adapted and “personality profiles” must be replaced by “profiling”.