Chile

● Chile established Law 19,628 On the Protection of Private Life in 1999. It is the only law governing personal data protection in Chile at present.

● Chile introduced Bill 11,144-07 on March 25, 2017. The bill established detailed regulations of major issues such as cross-border transfer of personal data and establishment of a supervisory authority for personal data protection, aiming to greatly improve the personal data protection level of Chile. However, the bill has not yet come into force and is still in discussion.

● In addition to the preceding legal provisions, other regulations regarding personal data protection are scattered throughout Chile's criminal and civil laws, which, together with Law No. 19,628, constitute the legal and regulatory system on personal data protection.

Legal compliance is critical for business operations. We share our experience and our best practices with personal data protection to help you achieve compliance with security regulations faster.

Chilean financial institutions may be subject to many legal and regulatory requirements when using cloud services. The major regulations include:

● RAN 20-7 Externalización de Servicios (Outsourcing): outsourcing requirements for financial institutions supervised by Superintendencia de Bancos e Instituciones Financieras (SBIF), including requirements for cloud services

● RAN 1-13 Clasificacin de Gestin y Solvencia (Management and Solvency Classification) and RAN 20-8 Informacin de Incidentes Operacionales (Operational Event Information): guidelines and best practices for cybersecurity management

● RAN 20-9 Gestión de la Continuidad de Negocio (Business Continuity Management): requirements for data processing sites and technology infrastructures, including those for cloud services

As a cloud service provider, Huawei Cloud is committed to helping you meet these regulatory requirements and continuously providing you with cloud services and environments that meet financial industry requirements.

Huawei Cloud is committed to providing you with secure and compliant infrastructure and services. Each service has built-in security features and is guaranteed to run securely through continuous O&M. Huawei Cloud ensures that the infrastructure and services it provides have been assessed by authoritative, independent, third-party agencies and reviewed by the relevant certifying bodies.

When using Huawei Cloud services, you are responsible for the security and compliance of internal applications and custom configurations of your workloads on the cloud. As the owner and controller of your data, you are responsible for data security configuration, confidentiality, integrity, availability, as well as identity authentication and authorization for data access.

You are also responsible for compliance with the applicable regulatory requirements for your workloads on the cloud.

You can download HUAWEI CLOUD Security White Paper to view details about the responsibilities of Huawei Cloud and yours.

For more security and compliance issues, contact your account manager or Huawei Cloud.

Huawei Cloud is committed to building secure and trusted cloud services. The infrastructure and services provided by Huawei Cloud have been assessed by authoritative, independent, third-party agencies and reviewed by the relevant certifying bodies.

Huawei Cloud is compliant with a wide range of international standards and practices, including:

• Security standards: ISO 27001, ISO 27017, CSA STAR, PCI DSS, PCI 3DS, ISO 27034, and NIST cyber security framework (CSF), and more

• Privacy standards: ISO 27018, ISO 27701, BS 10012, ISO 29151, and ISO 27799

• Other standards: ISO 22301 (for business continuity management), ISO/IEC 20000 (for IT service management), TL 9000 and ISO 9001 (for quality management), SOC 1, SOC 2, and SOC 3(for audit)

Learn more from Compliance Certificates in the Compliance Center.