rabbit it
rabbit it

Data Sovereignty for Healthcare, Finance, and the Legal Sector in Switzerland: What Does Moving Away from the US Cloud Standard Really Mean? 

What was recently perceived as a political debate has become an operational reality for Swiss organisations: dependencies on US-based cloud providers are being fundamentally rethought. Not just at the federal level.

 

In November 2025, the Swiss data protection conference privatim issued an urgent recommendation requiring federal and cantonal authorities to only use US cloud services when data is independently encrypted and the provider has no access to the keys. Switzerland's federal administration declared digital sovereignty a key priority for 2026. The Federal Office of Public Health has effectively excluded US providers from its SwissHDS infrastructure tender. And the US CLOUD Act of 2018 still gives US authorities the right to access data managed by US companies, regardless of where the servers arephysically located.

 

What applies to the public sector indirectly affects SMEs too. Regulated industries such as healthcare, finance, and law tend to align themselves with government standards. Geopolitical uncertainties, from trade disputes to extraterritorial access rights, pose a real risk to companies of every size. According to a recent Lünendonk study, 78% of CIOs are now prioritising digital sovereignty, yet nearly half of all mid-sized companies have no documented exit strategy for their cloud dependencies.

 

What this means for your organisation
It is not about replacing everything at once. It is about knowing where you stand. Which software do you use? Where does it come from? Who can access your data? And what happens if a provider suddenly becomes unavailable or changes its terms?

 

How rabbit it AG can help

  • Analysis of your IT landscape by country of origin, licence model, and risk exposure
  • Assessment of your current cloud dependencies and data sovereignty posture
  • Recommendation and introduction of alternatives from Switzerland or the EU
  • Migration to open-source solutions, hybrid architectures, or private infrastructure
  • Ongoing operations, monitoring and support following migration

 

Digital sovereignty is not a step backwards — it means making conscious, strategically sound IT decisions, with data and systems that belong to you. We are happy to advise you. Fast. Agile. Reliable.