Data Protection in Ecuador

Security in Ecuador

Data controllers or the individual in charge of the treatment of personal data must abide by the principle of personal data security, for which it must consider the categories and volume of personal data, the state of the art, best comprehensive security practices. and the costs of application according to the nature, scope, context, and purposes of the treatment, as well as identifying the probability of risks. 

Data controllers or the individual in charge of the treatment, must implement a process of verification, evaluation and continuous and permanent assessment of the efficiency, effectiveness, and effectiveness of the measures of a technical, organizational and any other nature, implemented to guarantee and improve the security of the processing of personal data. 

The individual in charge of the treatment of personal data must demonstrate that the measures adopted and implemented adequately mitigate the risks identified.

Among other measures, the following may be included: 

  • Anonymization, pseudonymization or encryption measures of personal data.
  • Measures aimed at maintaining the confidentiality, integrity and permanent availability of the systems and services for the processing of personal data and access to personal data, quickly in case of incidents.
  • Measures aimed at improving technical, physical, administrative, and legal residence.
  • Those responsible and in charge of the treatment of personal data, may avail themselves of international standards for adequate risk management focused on the protection of rights and freedoms, as well as for the implementation and management of information security systems or codes of conduct. recognized and authorized by the Personal Data Protection Authority.

Continue reading

  • no results

Previous topic
Back to top