What is, and which organizations have to appoint a DPO?
A Data Protection Officer (DPO) is a person in charge of verifying the compliance of personal data processing with the applicable law. The DPO communicates information on processing personal data such as its purposes, interconnections, types, categories of data subjects, length of retention and department(s) in charge of implementing processing. DPOs may be required by law or recommended.
Chile’s current Personal Data Protection law does not have a role similar to that of Data Protection Officer. Instead, the law sets some basic requirements for those who manage and process personal data, including:
- keeping personal data private (secret/confidential);
- protecting data through due diligence; and,
- using personal data only for the purposes for which the information was collected (unless collected from a public source).