Your SlideShare is downloading. ×
Ley protección de datos personales
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Ley protección de datos personales

423
views

Published on

Mexico privacy law

Mexico privacy law

Published in: Technology, News & Politics

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
423
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Federal Law on Personal Data Protection of Private OwnershipLey Federal de Protección deDatos Personales en Posesión de los Particulares 26/Agosto/10
  • 2. What is this law looking for• Protect personal data held by companies.• Control legitimate treatment, monitoring and reporting, in order to ensure privacy and the right to informational self-determination of individuals.
  • 3. Which rights are covered by the law Opposition Deletion RectifyAccess • The owner • The owner • Right to • Is given as could request can request request that long as there which the change of data is is a legitimate personal data inaccurate or blocked for a cause. If is processed incomplete period of time so, the by the data. in which it can responsible controller and • If the data not be given has to how is it was any exclude the treated. transmitted to treatment. data from any a third After this type of party, the period, it treatment. responsible should be should notify abolished. its rectification. ARCO: By its spanish acronym
  • 4. What is the core of• the law The client, employee or vendor has the right of auto determination at all times.• In the case of sensitive data treatment the authorization needs to be explicit.• The data classification and protection of personal data is a function that any company must comply.• Personal sensitive data is consider: ethnicity or racial origins, health status (present and future), genetic information, religious, philosophical and moral believes, union affiliation, political views and sexual orientation or any data that could cause high risk to the owner of the data.
  • 5. What do companies need to do Classification and Data Protection Establish, document and maintain security measures Privacy Notice Communicate data transfer to third parties Appointment of a Chief Privacy Officer Treatment authorization from clients, customers or employees
  • 6. Deadlines to comply with the law • Mexican federal government issued the law on July 5, 2010 • Clients, employees or vendors could request their ARCO rights starting January 6, 2012 • Important deadlines : – July 6, 2011: • Companies must appoint a Privacy Officer. • Companies must issue privacy notices
  • 7. Sanctions / Penalties• Warnings• Fines from $5,584* to $17,868,800*• Additional fines from $5,584* to $17,868,800* (when the fine happens more than once)• All fines may increase a 100% if personal data is sensible• Jail up to 10 years * Mexican pesos
  • 8. Mexico’s personal data law    
  • 9. What do companiesneed to do Train all the employees Create privacy policies Establish a privacy about the privacy and programs monitoring process programs Assign resources to Establish a procedure to Review the privacy implement the privacy manage the privacy risk program periodically programs Implement the procedures Implement the to receive the concerns mechanisms to sanction in and complaints about the case of a privacy noncompliance situation
  • 10. What do companies need to create Roles and responsibilities of Inventory of Inventory of the Risk analysis of persons who personal data treatment systems personal data process personal data Roadmap for theSecurity measures Gap analysis of Reviews and / or implementation of for personal data security measures audits security measures Registration of Train staff which Record the mass cancellations or processes personal storage of personal destruction of data data personal data
  • 11. Privacy is not only about Compliance!Through Privacy we guarantee individual rights. By doing so, we increasestakeholder trust and increase our competitiveness.

×