Last review date: 30 December 2024
Yes.
☒ general obligation to take appropriate / reasonable technical, physical and/or organizational security measures
☒ obligation to take specific security measures e.g., encryption
☒ other
According to the Financial Services Law, financial intermediation entities are required to have an information security policy to prevent potential data breaches. The information security policy must be published and communicated to the different groups of the supervised entity in an understandable and accessible manner. The supervised entity must review and update this policy at least once a year to ensure the correct implementation of security practices.
Yes.
In a broad sense, financial intermediary entities have an obligation to implement proceedings to identify technical vulnerabilities, introduce policies and formal procedures in order to identify exposure to such vulnerabilities and adopt necessary preventive and/or corrective actions. The aforementioned proceedings are applicable to electronic transfers and transactions, as well as to the security of the financial entities' networks and communications.
☒ financial services requirements
☒ other
Financial Complementary Services
☒ No
☒ No
There is no data breach notification requirement in Bolivia. However, entities processing personal data should take appropriate remedial measures following a security breach in telecommunications, communication and information technologies, as well as in the financial sector.
Data subjects have the right to demand information regarding security breaches.
Last review date: 30 December 2024
☒ No
The Regulation for the Development of Information and Communication Technologies, which regulates the processing of data does not indicate any time for notification.