Data protection: Are your processes secure?

Data protection remains an important issue for companies, especially considering the new Data Protection Act (DPA), which came into force in Switzerland on 1 September 2023. This law has required most companies to update their data protection measures and ensure compliance with legal requirements. Many companies have taken measures, such as updating data protection declarations on their websites and drawing up contracts with service providers. However, reviewing and, if necessary, updating the company's processes and guidelines has often fallen by the wayside. This gap can expose companies to considerable risks. One year after the new Data Protection Act came into force, we take a look at this topic and how these risks can be minimized. 

The real risk: data breaches and their consequences

Data breaches can have a devastating impact on a company's reputation and finances. In recent months, there has been a strong focus on the framework conditions. Comprehensive information obligations had to be complied with and contracts had to be concluded with subcontractors. These activities have absorbed a lot of resources, leaving little time for a comprehensive review and update of procedures and processes within the company. Even the most comprehensive data protection declarations do not help if, for example, confidential data continues to be sent via unencrypted emails. However, protecting the data of customers, employees and partners is not an issue that can be neglected when it comes to a company's reputation.

Why an expert audit is indispensable

Modern data protection laws (DPA in Switzerland, GDPR in Europe) outline the necessity of data protection in broad terms and set out principles. However, the laws generally do not provide any specific information on the necessary technical and organizational measures that can be implemented to ensure data protection. In such situations, the advice of experts is invaluable, especially if the necessary expertise or the corresponding capacities are not available in-house.

The Fidinam approach: a comprehensive, customized process

1. Initial assessment: the process begins with a thorough analysis of your current technical and organizational measures using a checklist developed by Fidinam. This helps to identify strengths and areas for improvement.
   
   
2. Detailed recommendations: Following the assessment, you will receive a comprehensive overview of the current situation in the form of a dashboard. On this basis, a management summary is drawn up and measures are proposed to optimize the processes from a data protection perspective. Great emphasis is placed on optimizing the cost-benefit ratio and you benefit from Fidinam's legally compliant pragmatism.
   
   
3. Implementation support: If required, we offer support in implementing these recommendations so that your company is equipped for the challenges of data protection and existing resources are not overstretched.
   
   
4. Ongoing monitoring: Data protection is an ongoing process. If required, we can develop a pragmatic plan for your organization to regularly review the key elements of your data protection strategy so that you can stay ahead of future challenges without major additional investment.

Why Fidinam can be your data protection partner? 

• Proven expertise: Fidinam has helped companies from a wide range of industries to improve their data protection strategies. References are available on request.
• Customized solutions: We understand that every organization has its own challenges and objectives. Our approach is tailored to your specific needs, drawing on more than 60 years of consulting experience to provide practical, actionable solutions.
• Holistic view: Our experience goes beyond data protection to encompass all HR processes, providing a comprehensive view of your organization to identify potential synergies and efficiencies.
• The value of a DPA-check: Working with Fidinam ensures that your organization not only complies with data protection regulations, but also takes a pragmatic and secure approach to handling personal data. Our standardized procedure usually allows us to carry out a full audit, including a catalogue of measures, within two working days. The costs for this service start at around CHF 5,000; a small investment compared to the loss of reputation or the potentially high fines for data protection violations.

About the author

Dominic Müller is the director of Fidinam Zürich and is responsible for the expansion of the fiduciary business in German-speaking Switzerland. He holds a Master of Law from the University of Bern and has spent his career focusing on HR consulting and outsourcing. The main focus of Mr. Müller's work at Fidinam is on advising on HR issues, including data protection, outsourcing accounting with a focus on payroll accounting, whereby he is also responsible for interim management. Mr. Müller is an experienced problem solver for HR departments at both national and international level.

Fidinam can help

With more than 60 years of experience in advising local and international clients, our team of qualified experts can support individuals, small and medium-sized enterprises or multinational corporations with customised solutions.

Contact us, if you would like advice or further information on this topic.