The 10 most important principles for successful data protection implementation

As with the introduction of the GDPR, the hectic pace in the run-up to the issue of data protection was and is noticeable everywhere. Completely wrongly, provided that one had already fulfilled the elementary requirements before. Because the new data protection law brings little that is new. However, a personal punishment, which in the end is probably the best thing that could be included. Because all of a sudden, customers are asking us, “Can I be held personally responsible?”.

The answer to that has to be YES, although of course it is completely different whether you are in a leadership position or whether you are just an “executer”. However, all it takes is one wrong mail and disaster is a reality. The most recent example: the disclosure of data from the Northern Ireland police. In such cases, the best security system is of no use, because people always find ways and means to circumvent it. Incorrectly, the article speaks of a “security breach”, which is exactly what it was not! Data protection is more than 50% dependent on personal behavior, which is precisely why the aforementioned criminal liability is necessary.

For all those who have only recently started to think about which issues to pay particular attention to when it comes to data protection, I will provide some important tips here. As we all know, data protection is an ongoing management task, not a project. Thus, it is also immediately said that the implementation requires permanent care.

Good data protection is like consistent quality: it’s not a sprint, it’s a marathon. Those who focus only on short-term goals will lose the race.

The 10 mnemonic sentences are:

  1. You are not protecting YOUR data, but those of your employees, customers, citizens, etc. Always put yourself in the personal situation of those affected.
  2. The tightrope walk SERVICE VS. DATA PROTECTION is a permanent challenge. Make examples as part of training and follow up regularly.
  3. There is no technical solution that “does” data protection.
  4. Data privacy and information security are partners, not enemies.
  5. Ensuring data quality will become the biggest challenge in the coming years …and AI will not solve the problem.
  6. People do not become privacy lovers just because there is a law.
  7. You have to sell data protection in a target group-oriented way.
  8. Data protection does not become more popular just because people obsessively demand it.
  9. Encourage personal involvement; there are plenty of examples.
  10. The misuse of data usually endangers you or people entrusted to you not today, but in the future.

I gave further hints in an interview with the company You can find this video here:

Video with B. Wildhaber on the topic of the Data Protection Act Switzerland 2023

We will be happy to advise you individually on how to deal with data protection risks and everything that goes with it (from the data protection management tool “Lineback”, to contracts such as ABV/AVV, directives or data protection guidelines, to the technical deletion of data). You can find our portfolio on the topic of data protection here.

Interview Data Protection Act Switzerland 2023


Submit a Comment

Your email address will not be published. Required fields are marked *

Related articles

On 16.3. is Digital Cleanup Day

On 16.3. is Digital Cleanup Day

Tidying up is clearly not everyone's cup of tea, but we all know the good feeling that a tidy room, a tidy desk or ... a tidy drive! You can feel proud with a clear conscience, because deleting data also has an important effect on energy consumption. I have calculated...

read more
Dealing with data risks: Data breach notification

Dealing with data risks: Data breach notification

A data breach notification or "data breach notification" refers to the process by which an organization or company is required to notify the relevant data protection authorities and, if applicable, data subjects of a data breach that is likely to result in a high risk...

read more