Switzerland: Adopted Revised Data Protection Ordinance (DSV)

On 31 August 2022, the Federal Council released a notice announcing the adoption and implementation date of the revised Data Protection Ordinance (DSV). The amendments include minimum data security obligations and requirements for the notification of data security breaches. For private data controllers with fewer than 250 employees, the ordinance regulates the circumstances under which they are exempt from the obligation to keep a register of processing activities. Furthermore, the ordinance sets out the criteria employed by the Federal Council to assess whether the data protection law of a state is appropriate or not for cross-border data transfer. Finally, the ordinance details various definitions and conditions set for the retention, processing, and transferring of data.