¹ The federal government deals in principle with electronic business management systems (GEVER systems), which are important documents for business. The documents in which the activity of the administration is recorded within the meaning of Art are considered as such. 22 of the Order of 25 November 1998 on the Organisation of Government and Administration (OLOGA) ¹ .

² The federal government's GEVER systems are designed to ensure that cases are processed in accordance with the law, on the basis of processes, in a verifiable, systematic, transparent, secure and economic manner.

³ No classification system can be used in conjunction with GEVER systems for important business documents.

This order is for the federal government's GEVER systems:

A.

Principles of data processing;

B.

Information security requirements;

C.

Skills within the federal government.

¹ This Order applies to:

A.

Administrative units of the central federal government within the meaning of s. 7 in connection with art. 8, para. 1, let., OLOGA ¹ ;

B.

Third parties with access to a federal GEVER system.

² The departments and the Federal Chancellery may submit to this ordinance the administrative units of the decentralised federal administration within the meaning of Art. 7 A In connection with art. 8, para. 1, let. B, and 2, OLOGA attached to them if they are not entitled to carry out the archiving themselves.

³ A regulation within the meaning of s. 7 is enacted for the processing of documents that are important to business that is to be temporarily out of the federal government's GEVER systems. Art. 12 and 14 shall apply mutatis mutandis.

⁴ Systems governed by other provisions and applications in which no personal data is processed are not subject to this order.

This Order applies the following definitions:

A.

GEVER INTERDEP: GEVER system used by the Federal Chancellery to carry out and coordinate interdepartmental processes;

B.

Document: file and its metadata;

C.

Classification system: structure representing the various tasks of an administrative unit and ensuring that the documents are classified in their context.

¹ The administrative units subject to this order shall select a GEVER system corresponding to the authorised standards.

² ... ¹

Responsible for data processing:

A.

The Federal Chancellery for the GEVER INTERDEP system;

B.

The administrative unit concerned within the meaning of Art. 7 to 8 OLOGA ¹ , for other GEVER systems.

The administrative units that manage a GEVER system make a processing regulation within the meaning of s. 21 of the Order of 14 June 1993 on the Federal Data Protection Act ¹ .

The administrative units report their GEVER systems as files to the Federal Data Protection and Transparency Prelay, in accordance with Art. 11 A , para. 2, of the Federal Law of 19 June 1992 on Data Protection ¹ .

The classification systems of the GEVER systems are set up so as not to betray documents containing sensitive data, personality profiles or classified information.

¹ For the conversion of physical documents into electronic documents or vice versa, or an electronic form in another (conversion of documents), the Federal Chancellery shall issue directives regulating:

A.

Processes and measures to ensure quality;

B.

The electronic signature to use and the format.

² Documents seized pursuant to these directives are of original value.

³ The original paper documents are destroyed three months after their digitization. It is prohibited to destroy documents:

A.

Which must be kept under legal standards;

B.

Which are necessary to close current cases;

C.

That could be considered as evidence;

D.

Must be retained because of their historic or cultural value.

The Federal Chancellery defines the electronic signature to be used and, in agreement with the Federal Archives, the file format of the documents that are processed in the GEVER systems and which must be signed.

¹ The processing of documents in the GEVER systems is carried out in such a way as to prevent unauthorised persons from consulting them.

² Documents that contain sensitive personal data, personality profiles or classified information CONFIDENTIAL are encrypted in the GEVER systems. They are also transferred from these systems.

³ Documents classified as SECRET cannot be processed in the GEVER systems.

¹ Users can transfer a document from their own GEVER system to another system, but cannot access from their system to a document stored in another GEVER system.

² The exchange of documents between the GEVER systems is carried out by means of secure transmission.

³ The Federal Chancellery designates the product to be used, in accordance with the Confederation Information Technology Unit.

The GEVER systems are managed using a two-factor authentication procedure, in accordance with the IT Security Directives.

¹ The GEVER systems record access to documents, printing and transfer of documents in a log, as well as changes to the rules protecting access to documents, including encryption.

² The newspapers are kept for two years, in accordance with the order of 24 April 2002 concerning the keeping and keeping of account books ¹ .

¹ The data processing body shall document in a programme measures to ensure the security of the information. This program is regularly reviewed and if necessary updated.

² If risks remain despite the implementation of the planned measures, they are identified with their potential consequences and communicated in writing to those responsible.

¹ On the proposal of the Steering Committee, the Conference of Secretaries General approves the GEVER strategy of the Federal Government.

² On the proposal of the Steering Committee, it coordinates the financing of the implementation of the strategy.

³ On a proposal from the Federal Chancellery, it approves the organisational directives necessary for the uniform operation of the GEVER systems.

⁴ On a proposal from the Federal Chancellery, it approves the GEVER documentation. It consists of:

A.

The GEVER organization manual;

B.

The GEVER concept guide.

¹ The Steering Committee has representatives from:

A.

Departments and the Federal Chancellery;

B.

The Federal Archives;

C.

The Confederation Information Technology Unit;

D.

The Federal Office of Informatics and Telecommunications;

E.

Parliamentary Services;

F.

GEVER service providers.

² The Federal Chancellery chairs the committee.

³ Each department and the Federal Chancellery have one vote.

⁴ The Steering Committee:

A.

Ensures the implementation of the federal government's GEVER strategy;

B.

Plans for the long-term phases of the GEVER strategy;

C.

Formula to the Conference of Secretaries-General of proposals for amending the GEVER strategy;

D.

To the Conference of Secretaries-General of the proposals to finance the implementation of the GEVER strategy.

E.

Regularly monitors the GEVER systems of departments and the Federal Chancellery.

The Federal Chancellery:

A.

Ensures overall coordination;

B.

Directs the work of the Steering Committee and reports regularly to the Steering Committee;

C.

Organizes the implementation of strategic objectives;

D.

Leads the GEVER specialized group and user groups for standard GEVER solutions;

E.

Ensures the updating of the organisational and technical specifications of the GEVER systems;

F.

Coordinates with user groups the technical integration of these specifications in standard GEVER solutions;

G.

Ensures that departments are using the GEVER INTERDEP system correctly;

H.

Reports to the Federal Council once a year.

The Federal Archives:

A.

Advise and support administrative units in accordance with the GEVER documentation;

B.

Define, in agreement with the Federal Chancellery, the interface and format for archiving documents processed in the GEVER systems;

C.

Organise, in agreement with the Federal Administrative Training Centre of the Federal Office of Personnel, training in the GEVER field.

The Technical Standards Unit of the Confederation sets technical standards to ensure data security.

The administrative units subject to this order shall themselves select the benefit providers for their GEVER systems, unless the Federal Council has restricted this choice to one or more standard services, pursuant to Art. 14, let. B, of the December 9, 2011 Ordinance on Information Technology in the Federal Government ¹ .

The acquisition, operation, maintenance and development of the GEVER systems are financed by the budgets of the administrative units concerned.

¹ The departments and the Federal Chancellery shall issue the necessary directives.

² Regulations for treatment within the meaning of s. 7, the information security program within the meaning of s. 16 and the possible directives of the administrative units shall be notified to the Federal Chancellery.

The following orders are amended as follows:

... ¹

¹ The administrative units of the Confederation whose GEVER systems are not in conformity with this order shall make the necessary adaptations by 30 June 2018 at the latest.

² If unavoidable and unforeseeable circumstances prevent them, the responsible department may propose to the Federal Chancellery, for the Federal Council, that the deadline be extended until 31 December 2019 at the latest.

This order shall enter into force on 1 ^Er January 2013.