0844 277 277 Mon-Fri 8am-6pm
CSS Insurance

Data protection


When handling the health data of its insured persons, CSS Insurance is subject to strict data protection provisions. Alongside the provisions of the law, the employees of CSS Insurance must additionally comply with internal guidelines on data handling. All employees are familiar with the requirements that apply to them and, on joining the company, expressly undertake to observe the duty of confidentiality and comply with data protection.

At CSS Insurance, the data of the insured person is always processed in conformity with the law and used only for the prescribed purposes. We only process those items of data about the insured person which are necessary to perform our tasks.

Thanks to regular and conscientious training for its employees and a continually optimised data handling process, CSS Insurance guarantees a high level of data protection and data security.

Data protection seal

The certifications awarded to CSS underscore the importance of data protection at CSS Insurance. They guarantee that CSS will treat the data of its insured persons with care.

  • Since 2007, the Medical Advisory Service (MAS) has held the GoodPriv@cy* seal of quality and, since 2010, has also been certified under the Ordinance on Data Protection Certification (VDSZ).
  • Furthermore, since 2013 CSS has had a certified data collection office in accordance with Art. 59a of the Swiss Health Insurance Ordinance. Its standardised regulations guarantee data privacy for every person insured with CSS, while at the same time paving the way for quick and client-oriented invoicing with hospitals. This permits CSS to settle DRG invoices from inpatient service providers efficiently and in conformity with the law.
  • CSS meets high information security standards. Since 1 July 2015, CSS IT systems have been certified in accordance with ISO standard 27001:2013. This international standard specifies the requirements for establishing, implementing, operating, monitoring, maintaining and improving an information security management system.
  • Input Management, which is responsible for the receipt of paper documents, has been awarded the international GoodPriv@cy* certificate.

*The international GoodPriv@cy certificate is awarded by the independent Swiss Association for Quality and Management Systems (SQS) and confirmed by means of an annual audit.

Requests for information

If you have any further questions on how your personal data is handled or if you require further information, please contact us by post, enclosing a copy of an official identity document:

CSS Insurance
Data Protection Officer
Tribschenstrasse 21
P.O. Box 2568
CH-6002 Lucerne

Processing policy

The insurer must make its processing policy publicly accessible.