demonstrable responsibility

The Superintendency of Industry and Commerce (‘SIC’) Colombia’s data protection agency, launched its Colombian Accountability Guidelines (the ‘Guidelines’). The first document of its kind in South America, the Guidelines are aimed at helping companies understand and implement Colombia’s Data Protection Regulation implemented in 2012, and reinforced by an additional regulation in 2013.

The advice mainly deals with the Colombian concept of ‘demonstrable responsibility’. This concept is akin to accountability and requires data controllers to be able to demonstrate that they have implemented appropriate measures to comply with Colombia’s data protection law, including by providing a description of the internal security procedures they have introduced and how the processed data is relevant to individuals. This concept has not been without critics, however, who raised concerns about how to comply and lead organisations to seek further guidance.
Continue Reading Colombia issues Accountability Guidelines to promote data protection compliance