/ CPLT provides recommendations on personal data protection by the State Administration

18 January, 2021

In December 2020, the new recommendations of the Council for Transparency on data privacy, which reinforce the regulations, came into effect.

Macarena Gatica L.

Partner Alessandri

On December 7th , 2020, the updated text of the recommendations of the Council for Transparency (CPLT) on data privacy to state administration bodies was published in the Official Gazette. This was approved by the Managing Board, in ordinary meeting No. 1137, dated October 15th , 2020.

The new recommendations reinforce the regulations of Law 19,628 and adjust the actions of the public administration bodies, in relation to the personal data they handle. In addition, it introduces new criteria that are provided in the bill amending the abovementioned law.

As a basis for renewing the recommendations, mention is made of the constitutional guarantee of data protection (provided for in Article 19 No. 4 of the Constitution), the measures adopted by the health authorities due to the pandemic by Covid-19, the digital transformation of the State and the need to raise the personal data processing standards performed by the State administration bodies, in order to ensure the rights recognized by the Constitution of data subjects.

The document proposes a series of criteria that guide the application of the rules of Law No. 19,628, and that guarantee the new fundamental right to the protection of personal data. All of this is aimed at increasing and improving the level of compliance with the obligations that the Constitution and the law impose on the State administration bodies in the field of data privacy.

For example, the text emphasizes the importance of the principles of legality, quality (purpose, truthfulness, and proportionality), duty of information, security, data privacy by design and by default, responsibility, the role of the data processor, appropriate technical and organizational security measures, suggests the determination of a data privacy officer (DPO) who shall be the effective contact with the CPLT, the elimination of outdated data, among others.

These recommendations of the CPLT arise both as support to the process of digital transformation of the State and to the legislative initiative to have a regulation that allows an adequate protection of personal data. The updating will mean a deep process of adaptation in the public administration, which has already begun in private institutions.


Click here to read the full text of the CPLT recommendations.