The revised Federal Act on Data Protection (nFADP) will come into force on September 1, 2023, together with the implementing provisions in the Ordinance to the Federal Act on Data Protection (DPO) and the Ordinance on Data Protection Certifications (DPCO).
Although the principles of data protection remain essentially the same, a number of new obligations are imposed on companies. These obligations include, for example, an extended duty to inform data subjects, the performance of data protection impact assessments, the record of data processing activities, the implementation of privacy by design and the notification of data security breaches. The penal provisions for natural persons have also been tightened significantly.
As the nFADP does not provide for any transition periods, companies should now examine the extent to which their internal regulations and processes for data management comply with the new requirements.
The webinar will highlight the new obligations for companies and the consequences of non-compliance. It will highlight the need for action for companies and provide pragmatic implementation approaches. Finally, the most important differences to the GDPR will be highlighted.