Swisscom attaches great importance to the legally compliant and responsible processing of personal data. For this reason, in the year under review Swisscom further expanded the measures for the protection of personal data and introduced a framework to ensure data ethics.
Data protection within Swisscom is controlled and monitored by a central data governance unit, which works closely with all the relevant divisions and other staff units. In order to ensure adequate data governance, the responsible unit issued several directives and information sheets in the year under review. In addition, employees with a data governance role at Swisscom received in-depth job-specific training. Appropriate learning content further developed and sharpened the awareness of the rest of the workforce with regard to data protection and confidentiality. What is more, Swisscom significantly expanded the testing of systems and applications for their compliance with legal data protection and confidentiality requirements. It also made further progress with the development of technical tools to support data governance.
Swisscom began implementing the new Federal Act on Data Protection (FADP) in the year under review. The Federal Act on Data Protection (FADP) regulates the treatment of personal data. It had been under revision since 2016, and a revised version was adopted by Parliament in autumn 2020. It is not yet known when the new FADP will come into force. Swisscom is assuming that this will happen in 2022.
To ensure data ethics, a newly created, diversely composed Data Ethics Board has reviewed a variety of cases to ensure that they comply with Swisscom’s ethical principles. The framework for data ethics has proven itself and will be continued.See www.swisscom.ch/dataprotection