Transparency and self-determination
What the new Swiss data protection law means for Compassana users
Almost three years after its adoption, the new Swiss Data Protection Act will come into force on 1 September 2023. In addition to an alignment with the European General Data Protection Regulation (GDPR) it strengthens data protection in Switzerland through greater transparency and self-determination.
Not coincidentally, these are two key areas of focus in Compassana's development: Compassana is wholly committed to the principles of data protection and data privacy, and exists solely on the acceptance and consent of its users.
Two principles
Data protection begins with information security. The Compassana ecosystem was consistently designed according to the principles of security & privacy by design and privacy by default. It is based on the world’s leading FHIR standard for healthcare applications and is operated in a highly secure data centre near Zurich.
All data is encrypted on transit (during transmission) and at rest (during storage). No data is stored on your smartphone itself, so it cannot be lost with the device or stolen from the smartphone by cybercriminals.
The Compassana platform is regularly put to the test by independent Swiss cybersecurity professionals in real penetration tests. In this way, potential threats are detected at an early stage and security incidents can be prevented from the outset.
Only with consent
The Compassana app was designed with the patients’ perspective in mind to make the Swiss healthcare system more transparent, simpler, and smarter. Accordingly, only you and health care providers and health care professionals authorized by you will have access to your information.
Your personal user account gives you discreet access to your Compassana account like a personal data safe. By the way, we use technology that banks use.
With the Compassana app, you can store medical information in your Compassana account securely and in compliance with data protection standards. You can also share this information with healthcare professionals, something which is not possible with regular emails.
At Compassana, you freely control your health data. You are free to open or close an account. Access is only possible for individuals or services you have authorised, and only for as long as you desire. You are actively supported by a clear display of your consents. No data will be passed on without your consent, not even to your health insurance.
Strict procedures
Our support team can access your Compassana account only under exceptional circumstances and in a way that is transparent to you, to assist with queries or to meet the disclosure obligations set by the Swiss Data Protection Act. Such accesses are strictly logged. Further information on data protection can be found in the Privacy Policy and in the Terms of Use, which we regularly update.
If you have any questions or suggestions regarding data privacy at Compassana, please feel free to contact our Data Privacy Officer Peter Ebenhoch.
For general information from authorities and support on data protection in Switzerland, please contact the Federal Data Protection and Information Commissioner (FDPIC).