Blog



CMS.DataEngine.CollectionPropertyWrapper`1[CMS.DataEngine.BaseInfo]
Profile Image Verifile
June 4, 2019
Blog Article Image

Latin America - The Ethics of Gathering Employee Data

In Latin America, most countries now have data protection legislation which helps employers determine what new technologies should or shouldn't be implemented in the workplace, while employees have certain rights that can allow them to minimize the collection of their personal data and restrict how it is processed.

Mexico
In Mexico, the right to data protection was established in the Constitution in 2009. In 2010, the Federal Law on Protection of Personal Data Held by Private Parties was enacted and in subsequent years, regulations of the law and several guidelines on the matter were also issued.

This comprehensive legislation applies at a federal level and not on a state-by-state basis. The country has an independent Data Protection Authority—the National Institute of Transparency, Access to Information and Protection of Personal Data (INAI)—that oversees the enforcement of the data protection laws and promotes best practices across the country. Among the obligations the legislation establishes for data controllers is the requirement to provide a privacy notice to data subjects where data protection practices are clearly explained to employees. The notice must specify clearly why the data is being processed, such as for the payment of wages, and what could be considered voluntary data processing, such as data obtained from the implementation of new technologies, including wearable devices.

While processing data for conventional purposes does not require consent from employees, consent for processing data for additional purposes is required. Another obligation is to allow data subjects, in this case, employees, the exercise of their rights over personal data (i.e. access, rectification, cancellation, objection, etc.). These obligations are basic when looking at technology in the employment context; however, they are not the only ones. While there have been some disputes relating to the processing of employees' personal data in Mexico, they have concerned matters relating to the requirement for consent and privacy notices and none have involved the use of new technologies in the workplace so far. Indeed, lawyers are waiting to see how the right to data protection develops and is strengthened with resolutions by INAI and the local courts. For many, the use of new technologies and analysis of data in the labor context can be beneficial for both employees and employers, providing there is a clear understanding of what is legal and ethical.

Colombia
Local laws in Colombia establish two fundamental personal data rights: the right to privacy and the right to data rectification. Similar to the EU's General Data Protection Regulation (GDPR), regulations in Colombia are based on the principle that the processing of private, semi-private and sensitive personal data requires the data subject's prior, express and informed consent.

Even if employees expect little privacy while on company premises or when using company equipment, there have been several decisions in Colombian courts recognizing minimum privacy, or tolerable personal use for employees using internal hardware or software tools. Since the gathering of employee data from these new tools has not been directly regulated by local employment law, but broadly regulated by constitutional and GPDR law, nowadays employers have the responsibility for setting specific limits that can solve the tension between productivity and the fundamental rights of employees, starting from the principle that the gathering of information must respond to legitimate and ethical interests.

Chile
Chilean legislation includes several rules on the protection of personal data applicable to an employment relationship, which help mitigate the ethical problems that may arise for the employer. The Political Constitution of the Chilean Republic, Law No. 19,628 regarding the protection of private life or personal information, and the Labor Code contain the most important provisions relating to gathering employee data in Chile.

Article 19 No. 4 of the Chilean Constitution provides the protection of personal data as a constitutional right. This rule guarantees the respect and protection of private life and the honor of the person and their family, and also, the protection of their personal data.

Law No. 19,628 states that personal data may only be processed when determined by law or when the owner of the data gives written consent, in this case, the employee. The law also provides that the employee must be informed about the purpose of the processing of their personal data and its possible communication to the public. However, there are exceptions to this provision. Authorization is not required when private entities process personal data for their own exclusive use or that of their agents and affiliates, and it is for their own benefit. This applies to companies when processing employee data for their own exclusive internal use.

According to the law, personal data relates to 'any information concerning individuals, identified or identifiable.' This includes basic human resources data, such as, but not limited to, the employee's name, date of birth or age, date of starting employment, remuneration and benefits, home address, marital status, number of dependent children, national registration number or identity card number, social insurance number, employee number, position in the organization, evaluations and complaints.

On the other hand, the processing of sensitive personal data is prohibited. Data considered to be sensitive may only be processed when determined by law, when the data owner gives written consent, or for obtaining health benefits, like those necessary for granting complementary health insurance to employees.

Sensitive personal data is defined in Chilean law as information regarding a person's physical or moral characteristics, and facts or circumstances of their private life and intimacy, such as personal habits, racial background, political opinions, religious beliefs, physical and mental health and sexuality.

Chilean labor legislation expressly states that it is the employer's responsibility to respect the guarantees of the constitution within the framework of labor relations in the company, ensuring the protection of employee data and especially the employee's rights to privacy. In this context, article 154-bis of the Labor Code sets forth the employer's confidentiality obligation to keep all information and private data related to its employees safe.

 

Read More
CMS.DataEngine.CollectionPropertyWrapper`1[CMS.DataEngine.BaseInfo]
Profile Image Verifile
| Criminal Record Checks
June 3, 2019
Blog Article Image

International Product Changes

We have made the following changes to our international product offering:

  • Kenya Police Clearance CertificateThis can now only be obtained for individuals currently residing in the UK.
  • Northern Mariana Islands Criminal record Clearance: ​We now cover all of the Northern Mariana Islands and not only Saipan.

  • Japan Civil Litigation - Initial Search: This is now charged per name and no longer per person due to a change in the pricing structure at the sou

Read More
CMS.DataEngine.CollectionPropertyWrapper`1[CMS.DataEngine.BaseInfo]
Profile Image Verifile
| Criminal Record Checks
May 30, 2019
Blog Article Image

Criminal Checks in Northern Ireland

We’re pleased to confirm a price drop for basic and standard level criminal checks in Northern Ireland (via AccessNI). On 1st June, the price of both checks reduced by £8.

AccessNI has also confirmed that from the 3rd June they will recommence requesting criminal record information from Poland and Romania if either of these is the applicant’s country of origin and they have applied to undertake work involving regulated activity with children in Northern Ireland.

Read More