parl. Initia­ti­ve Eder (16.411): For the pro­tec­tion of per­so­na­li­ty also in the super­vi­si­on of health insurance.
Not yet dis­cus­sed in the Council

Sub­mit­ted text

Based on Artic­le 160 para­graph 1 of the Fede­ral Con­sti­tu­ti­on and Artic­le 107 of the Par­lia­men­ta­ry Act, I sub­mit the fol­lo­wing par­lia­men­ta­ry initiative:

The Fede­ral Law on the Super­vi­si­on of Social Health Insu­rance must be adapt­ed to ensu­re per­so­nal data pro­tec­tion. The fol­lo­wing amend­ment to the law repres­ents a pos­si­ble way of doing this:

KVAG Artic­le 35 Para­graph 2bis (new)

The infor­ma­ti­on on the data is to be pro­vi­ded in grou­ped form, so that no con­clu­si­ons can be drawn about indi­vi­du­al data of the insu­red persons.

KVAG Artic­le 35 Para­graph 2ter (new)

For the imple­men­ta­ti­on of risk equa­lizati­on, the insu­r­ers pro­vi­de the requi­red indi­vi­du­al data to the joint insti­tu­ti­on (Art. 18 KVG).

Justi­fi­ca­ti­on

As part of the so-cal­led “EFIND data coll­ec­tion”, the super­vi­so­ry aut­ho­ri­ty is in the pro­cess of set­ting up a com­pre­hen­si­ve coll­ec­tion of indi­vi­du­al health data of all insu­red per­sons in Switz­er­land. Howe­ver, the­re is no for­mal legal basis for this, which means that the requi­re­ments of the Data Pro­tec­tion Act are being violated.

The fact is that the law does not allow the super­vi­so­ry aut­ho­ri­ty to pro­cess indi­vi­du­al data of the insu­red per­sons and the imple­men­ta­ti­on of the super­vi­si­on of health insu­rance does not requi­re indi­vi­du­al data of the insu­red per­sons eit­her. The coll­ec­tion of indi­vi­du­al data by the super­vi­so­ry aut­ho­ri­ty thus con­tra­dicts the prin­ci­ples of lega­li­ty and pro­por­tio­na­li­ty. Artic­le 35 KVAG expli­ci­t­ly sta­tes that insu­r­ers are requi­red to pro­vi­de “infor­ma­ti­on on data”, but not that the data its­elf must be pro­vi­ded. The legal for­mu­la­ti­on thus effec­tively exclu­des the pro­vi­si­on of indi­vi­du­al data to the super­vi­so­ry aut­ho­ri­ty. A cla­ri­fi­ca­ti­on of the legal basis would be useful to cla­ri­fy the situa­ti­on (new Artic­le 35(2bis)).

Only for the imple­men­ta­ti­on of the mor­bi­di­ty-based risk equa­lizati­on (Artic­les 16 – 17a KVG, in force from Janu­ary 1, 2017) is data on the insu­red per­sons requi­red. Here, the deve­lo­p­ment work has reve­a­led the cor­re­spon­ding need, as can be seen from the total revi­si­on of the Ordi­nan­ce on Risk Equa­lizati­on in Health Insu­rance (VORA). The cor­re­spon­ding data must be made available to the joint insti­tu­ti­on (new Artic­le 35(2ter)).

Over­all, it pro­ves to be expe­di­ent to regu­la­te the issue of indi­vi­du­al data coll­ec­tion in the area of health insu­rance as pro­po­sed. The “Gemein­sa­me Ein­rich­tung KVG” is char­ged with the imple­men­ta­ti­on of risk equa­lizati­on and is thus pre­de­sti­ned for the pur­po­se-bound data coll­ec­tion out­side of supervision.

Final­ly, it should be noted that this need for cla­ri­fi­ca­ti­on exists inde­pendent­ly of the ent­ry into force of the new Health Insu­rance Super­vi­si­on Act KVAG. In par­ti­cu­lar, the pro­po­sal does not aim to call into que­sti­on the KVAG in who­le or in part.