The Superintendence of Industry and Commerce (SIC) has issues Circular 008 of 2020 under which it establishes the guidelines to process personal data to comply with biosecurity protocols in the context of COVID -19.
SIC publica norma para procesar datos en protocolos de bioseguridad

The SIC established the guidelines for processing personal data in compliance of the Resolutions of the Ministry of Health and Social Protection (the “Ministry”) to mitigate, control and manage the risk of the pandemic of COVID  19.


The Circular establishes that the Ministry’s Resolutions about biosecurity protocols (the “Protocols”), do not suspend the fundamental right of data protection and its legal framework is still applicable for data Controllers (i.e. who decides over the processing of personal data) and Data processors (i.e. who process personal data on behalf of the Data Controller) 

This Circular establishes, without limiting any other legal obligation for Data Controller or Data Processor, (i) how personal data shall be collected in compliance with the  Protocols (ii) the obligation to inform the personal data subject that the purpose of the processing is the compliance of Protocols, (iii)  the obligation to maintain security measures to avoid any personal data loss or adulteration, (iv)  that the processing of personal data is temporary, only during the time the Protocols take place, (v) a reinforced responsibility for the processing of sensitive personal data with special care and diligence and (vi) that personal data bases generated in order to comply with the Protocols must be registered with the SIC’s Personal Data Registry within the fifteen (15) days after their creation. 

See full text of External Circular Letter 8 of de 2020

 

 

 

For more information contact our team