SWITZERLAND Law and Practice Contributed by: Hugh Reeves, Jürg Schneider and David Vasella, Walder Wyss Ltd
right of the data subject to express his or her point of view and to demand that the decision be reviewed by a natural person does not apply when the data subject does not have to be heard before the decision is made. When exercising his or her right of access, the data subject receives, in particular, information concerning the existence of an automated decision and the logic on which the decision is based. • Requirement for a formal legal basis: Federal bodies are only entitled to process personal data if a legal basis is given. The legal basis must be laid down in a law in the formal sense in three cases, namely (i) the process - ing of sensitive data (for example biometric and genetic data); (ii) profiling (as defined by the FADP); and (iii) when the purpose or method of processing is likely to cause serious harm to the fundamental rights of the data subject. The use of AI may there - fore require a formal legal basis, even in the absence of sensitive data or profiling, if the processing method (eg, automated decision) is likely to seriously affect the fundamental rights of the data subject.
Finally, on 12 February 2025, DETEC and the Federal Department of Foreign Affairs (FDFA) presented an overview to the Swiss Federal Council of possible regulatory approaches to AI. On the basis of this overview, the Swiss Federal Council has decided on a Swiss regula - tory approach for AI based on three objectives: strengthening Switzerland’s location for innova - tion; safeguarding the protection of fundamen - tal rights, including economic freedom; and increasing public trust in AI. To achieve these objectives, the Swiss Federal Council has set the following key steps for the future: incorporation of the Council of Europe’s AI Convention into Swiss law; sector-specific legislation as far as required (cross-sector regulation, to be limited to central areas relevant to fundamental rights); and non-binding measures. 6.3 Cybersecurity in the Healthcare Sector Concerning cybersecurity in the healthcare sec - tor, see 6.1 Cybersecurity and Data Protection .
285 CHAMBERS.COM
Powered by FlippingBook