Employers' Obligations to Protect Workers' Information
In order to develop a fundamental constitutional right, the Habeas Data Law (1581|2012) was passed almost one year ago. The law develops and guarantees a person's right to know, update and correct the information held about him or her in a database. However, the interpretation of the regulation is still confusing for many sectors that are affected by its provisions and its implementation has been slowed down has a result. Although the Constitutional Court carried out a study into the draft law, the new law has had no other formal legal analysis, thus making it hard for employers to know whether it affects them. To ensure the guarantee of this constitutional right and to reinforce compliance with the rule, the new law includes an oversight and control mechanism. It has created the Data Protection Department within the Industry and Commerce Superintendence, which has the power to monitor employers' databases. It also has the power to punish an employer, which fails to comply with the law with a fine of up to 2,000 times the statutory monthly minimum wage (Ps1.179 billion or $612,785). Therefore, parties which are responsible for the treatment of employee data should be aware of the new law and should include in internal labour policies mechanisms allowing information to flow between employers and employees. They should also allow efficient access to and consultation of such data and implement security policies that prevent the improper use of information and respect employees' rights.