Data breach notification
Duty to report certain personal data security breaches to the authority and, where needed, affected persons in Switzerland.
A data breach notification concerns the reporting of a breach of data security involving personal data, such as accidental loss, unauthorised disclosure or access. Under Swiss law, controllers must notify the Federal Data Protection and Information Commissioner when the breach is likely to result in a high risk for the personality or fundamental rights of affected persons. Individuals must be informed where necessary for their protection or if required by the authority. Internal detection, documentation and escalation processes are therefore essential.