Ley protección de datos personales
•Transferir como PPTX, PDF•
0 gostou•572 visualizações
Mexico privacy law
Recomendados
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (20)
Semelhante a Ley protección de datos personales
Semelhante a Ley protección de datos personales (20)
Mais de Juan Carlos Carrillo
Mais de Juan Carlos Carrillo (20)
Último
Último (20)
Ley protección de datos personales
- 1. Federal Law on Personal Data Protection of Private Ownership Ley Federal de Protección de Datos Personales en Posesión de los Particulares 26/Agosto/10
- 2. What is this law looking for • Protect personal data held by companies. • Control legitimate treatment, monitoring and reporting, in order to ensure privacy and the right to informational self-determination of individuals.
- 3. Which rights are covered by the law Opposition Deletion Rectify Access • The owner • The owner • Right to • Is given as could request can request request that long as there which the change of data is is a legitimate personal data inaccurate or blocked for a cause. If is processed incomplete period of time so, the by the data. in which it can responsible controller and • If the data not be given has to how is it was any exclude the treated. transmitted to treatment. data from any a third After this type of party, the period, it treatment. responsible should be should notify abolished. its rectification. ARCO: By its spanish acronym
- 4. What is the core of • the law The client, employee or vendor has the right of auto determination at all times. • In the case of sensitive data treatment the authorization needs to be explicit. • The data classification and protection of personal data is a function that any company must comply. • Personal sensitive data is consider: ethnicity or racial origins, health status (present and future), genetic information, religious, philosophical and moral believes, union affiliation, political views and sexual orientation or any data that could cause high risk to the owner of the data.
- 5. What do companies need to do Classification and Data Protection Establish, document and maintain security measures Privacy Notice Communicate data transfer to third parties Appointment of a Chief Privacy Officer Treatment authorization from clients, customers or employees
- 6. Deadlines to comply with the law • Mexican federal government issued the law on July 5, 2010 • Clients, employees or vendors could request their ARCO rights starting January 6, 2012 • Important deadlines : – July 6, 2011: • Companies must appoint a Privacy Officer. • Companies must issue privacy notices
- 7. Sanctions / Penalties • Warnings • Fines from $5,584* to $17,868,800* • Additional fines from $5,584* to $17,868,800* (when the fine happens more than once) • All fines may increase a 100% if personal data is sensible • Jail up to 10 years * Mexican pesos
- 8. Mexico’s personal data law
- 9. What do companies need to do Train all the employees Create privacy policies Establish a privacy about the privacy and programs monitoring process programs Assign resources to Establish a procedure to Review the privacy implement the privacy manage the privacy risk program periodically programs Implement the procedures Implement the to receive the concerns mechanisms to sanction in and complaints about the case of a privacy noncompliance situation
- 10. What do companies need to create Roles and responsibilities of Inventory of Inventory of the Risk analysis of persons who personal data treatment systems personal data process personal data Roadmap for the Security measures Gap analysis of Reviews and / or implementation of for personal data security measures audits security measures Registration of Train staff which Record the mass cancellations or processes personal storage of personal destruction of data data personal data
- 11. Privacy is not only about Compliance! Through Privacy we guarantee individual rights. By doing so, we increase stakeholder trust and increase our competitiveness.