What are the penalties for non-compliance with any applicable data protection laws?
Non-compliance with data privacy laws and data breaches may lead to sanctions, fines, and penalties. The amounts are usually calculated according to the risk to which personal rights were exposed and the preventive measures taken by the data controllers, processors and sub-processors in relation to their respective role in the chain of personal data processing.
There is a penalty of 1 to 10 monthly tax units in cases of breach of obligations under the Personal Data Protection Law in Chile. In addition, the person, private entity or public entity responsible for the data must compensate the damages, including moral damages caused by improper handling of data, without prejudice to proceed to eliminate, modify or block the data according to what is required by the holder or as ordered by the court.
As Chile does not currently have a data protection authority, complaints and claims for damages, such as improper handling, would go through civil courts and any claims for damages would be determined by a judge. Cases where there is purposeful/criminal abuse, may go before a criminal court.
If the new data protection bill passes, there will be more streamlined penalties for noncompliance with data protection laws in the future.
Led by PeopleDoc’s Chief Legal & Compliance Officer, the HR Compliance Assist team relies on a network of internal and external compliance experts and lawyers, including the global law firm Morgan Lewis, to provide clients with best practices and recommendations on topics such as HR document retention, employee data privacy, and HR electronic records. HR Compliance Assist also provides local compliance monitoring and alert services in select countries where PeopleDoc’s customers have employees. HR Compliance Assist is a service exclusively available to PeopleDoc customers.