The risk-based approach under the GDPR and Swiss data protection laws | Niederer Kraft Frey
The General Data Protection Regulation (GDPR) and the Revised Swiss Data Protection Act (revised FADP) embrace a risk-based approach to data protection. Organisations that control the processing of personal data (controllers) are encouraged to implement protective measures corresponding to the level of risk of their data processing activities.