A data breach is a security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Local data protection regulations have required data controllers to report such breaches in certain circumstances.
In Colombia, employers are required to notify the data protection authority when there are violations of the security code or risks related to processing personal data (Law 1581 of 2012). Notification must include the:
HR Best Practices: Employers should develop and implement a data breach action plan with notification, incident documentation and response procedures.