Switzerland: Published FDPIC Guidelines on the obligation to conduct data protection impact assessment

On 31 August 2023, the Federal Data Protection and Information Commissioner of Switzerland (FDPIC ) published guidelines on the obligation to conduct data protection impact assessment (DPIA). The guidelines were issued to clarify new obligations following the entry into force of the revised Data Protection Act, which requires federal bodies and private individuals to conduct a DPIA if the planned data processing entails a high risk to the data subjects' rights. The guidelines provide information on conducting DPIAs to assess and mitigate the risks associated with data processing, ensuring compliance with Swiss data protection laws.