As with the introduction of the GDPR, the hectic pace in the run-up to the issue of data protection was and is noticeable everywhere. Completely wrongly, provided that one had already fulfilled the elementary requirements before. Because the new data protection law brings little that is new. However, a personal punishment, which in the end is probably the best thing that could be included. Because all of a sudden, customers are asking us, “Can I be held personally responsible?”.
The answer to that has to be YES, although of course it is completely different whether you are in a leadership position or whether you are just an “executer”. However, all it takes is one wrong mail and disaster is a reality. The most recent example: the disclosure of data from the Northern Ireland police. In such cases, the best security system is of no use, because people always find ways and means to circumvent it. Incorrectly, the article speaks of a “security breach”, which is exactly what it was not! Data protection is more than 50% dependent on personal behavior, which is precisely why the aforementioned criminal liability is necessary.
For all those who have only recently started to think about which issues to pay particular attention to when it comes to data protection, I will provide some important tips here. As we all know, data protection is an ongoing management task, not a project. Thus, it is also immediately said that the implementation requires permanent care.
Good data protection is like consistent quality: it’s not a sprint, it’s a marathon. Those who focus only on short-term goals will lose the race.
The 10 mnemonic sentences are:
- You are not protecting YOUR data, but those of your employees, customers, citizens, etc. Always put yourself in the personal situation of those affected.
- The tightrope walk SERVICE VS. DATA PROTECTION is a permanent challenge. Make examples as part of training and follow up regularly.
- There is no technical solution that “does” data protection.
- Data privacy and information security are partners, not enemies.
- Ensuring data quality will become the biggest challenge in the coming years …and AI will not solve the problem.
- People do not become privacy lovers just because there is a law.
- You have to sell data protection in a target group-oriented way.
- Data protection does not become more popular just because people obsessively demand it.
- Encourage personal involvement; there are plenty of examples.
- The misuse of data usually endangers you or people entrusted to you not today, but in the future.
I gave further hints in an interview with the company ebertlang.ch. You can find this video here:
We will be happy to advise you individually on how to deal with data protection risks and everything that goes with it (from the data protection management tool “Lineback”, to contracts such as ABV/AVV, directives or data protection guidelines, to the technical deletion of data). You can find our portfolio on the topic of data protection here.
Interview Data Protection Act Switzerland 2023
0 Comments