Operational and Cyber Resilience

Data Protection Compliance

The new, totally revised Federal Act on Data Protection came into effect on September 1st 2023. It strengthens the rights of affected persons and increases the requirements on how companies process and protect personal data. Aucoma recommends that you start analyzing the requirements now and can support you in identifying the necessary measures and implementing them step by step. We can help you establish a Data Protection Management System (DPMS) to ensure continuous management of data protection requirements.


Your company is facing one or more of the following challenges:

Compliance requirements applicable to your company are increasing

Requirement details of the new Swiss Federal Act on Data Protection and the resulting need for action for your company have to be determined

An overview of the personal data processed in the company needs to be established and kept up to date.

Documentation of all processing of personal data is either incomplete or not yet existent.

Awareness training is necessary to inform employees about the new requirements.

Non-compliance with the Swiss Federal Act on Data Protection can result in fines of up to CHF 250’000.


aucoma relies on the following proven approach which will be adapted to your context:


Our experts may sustainably strengthen your “Operational and Cyber Resilience” with the following offering:

Analysis of status quo
Assessment of the current state of the company and identification of the applicable legal requirements. Documentation of the results.

Gap analysis & preparation of prioritized recommendations
Based on the initial analysis, gaps with regard to the applicable requirements are determined. Recommendations will be prepared and prioritized based on a risk assessment of the identified gaps.

Implementation of recommendations
We implement the necessary technical and organizational measures and/or support you in doing so.

Establish Data Protection Management System (DPMS)
A DPMS enables you to continuously manage data protection in your company and ensures compliance with the applicable requirements.

Regular reviews and assessments
Regularly check implemented measures with regard to completeness and effectiveness.

Added Value

In cooperation with aucoma you may create the following value for your company:

The applicable legal requirements and the current state of compliance of your company have been determined

Existing gaps are identified, and necessary measures are implemented in a prioritized manner in order to remedy or reduce possible risks

The management board and employees are aware of how to process personal data in a risk-based way and what rights affected people have

Based on “privacy by design” and “privacy by default”, data protection requirements are already taken into account at the start of new projects or processing activities

Data protection requirements are managed continuously based on defined roles and responsibilities