Employee Data Privacy

Colombia - Breach Notification

 Download as a PDF

Are there any data breach notification requirements? 


A data breach is a security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Local data protection regulations have required data controllers to report such breaches in certain circumstances. 

markus-spiske-303121In Colombia, employers are required to notify the data protection authority when there are violations of the security code or risks related to processing personal data (Law 1581 of 2012). Notification must include the:

  • nature of the breach;
  • date the breach occurred;
  • date the breach was discovered;
  • cause of the breach;
  • categories of personal information involved; and,
  • number of individuals affected.


HR Best Practices: Employers should develop and implement a data breach action plan with notification, incident documentation and response procedures.


UKG's HR Compliance Assist team relies on a network of internal and external compliance experts and lawyers to provide clients with best practices and recommendations on topics such as HR document retention, employee data privacy, and HR electronic records. HR Compliance Assist also provides local compliance monitoring and alert services in select countries where UKG's customers have employees. HR Compliance Assist is a service exclusively available to UKG customers.

Share Your Feedback

Let's Talk