New Data Protection Act (nFADP) or Data Privacy, what measures do companies need to implement?
The recent update of data protection regulations in Switzerland to 2023 (nFADP/nLPD) goes beyond mere compliance, but is of paramount importance for both private and public sector organisations. For this reason, Softcom is committed to helping its customers navigate the challenges that this change brings.
At Softcom, we understand that by ensuring transparency and giving end users control over their data, we strengthen our customers’ image and drive their growth in the world of digital transformation. In addition, a clear understanding of the security level of the data is crucial to minimise the risk of data leaks that could jeopardise this gained trust. As partners, we share the same goals and risks. We therefore endeavour to offer ever more robust solutions that ensure maximum data protection.
But what exactly does Softcom offer as a solution?
Our approach is divided into several components that meet the specific needs of all parties involved: the end user, the customer and Softcom.
- For the end user, the owner of the data, we offer functions that ensure transparency and control over their personal information. These allow the end user to view, change or even delete their data according to their preferences.
- For our customers, we provide detailed information about the stored data, including its classification and its lifespan. Softcom also offers consulting services for analysing existing systems in terms of their legal compliance, as well as expertise in creating an ISDS (information security and data protection) concept.
- At Softcom, we are committed to selecting the appropriate technologies to ensure adequate data protection, taking into account the level of risk, the constraints and the specific context. This approach ensures that we comply with applicable regulations and the governance decisions made by our customers.
When should data protection be incorporated into a project?
For Softcom, the process starts well before the start of a project, as soon as the protection of its infrastructure/organisation is put in place, and continues right through to the decommissioning of the solution. Throughout these stages, maintenance activities are necessary to keep abreast of new emerging threats.
What concrete steps have we taken?
Based on a well-established security culture within our teams, Softcom adopted a holistic approach to cybersecurity last year. The results achieved include, for example, an audit of private data on all projects and their anonymisation where necessary. Thanks to these measures, any successful attack at Softcom would not result in a leak of customer data. We have also strengthened the security of our ‘secrets’ (passwords or connection keys) by systematically encrypting them, making them unusable by hackers and thus preserving the security of our customers.
This initiative is being strengthened this year with targeted actions across the entire organisation, imposing a methodical and controlled approach to cyber security across the entire value chain.
Can risks be completely eliminated?
Unfortunately, there is no such thing as zero risk. However, Softcom is committed to supporting its customers by managing these risks in order to reduce them to a minimum level, in line with their sector of activity, and in the interests of total transparency.
In conclusion, data protection is not just about regulatory compliance; it is also the basis of trust between our customers and their own customers. That’s why our Software Factory integrates this parameter into every stage of production, giving everyone long-term peace of mind.