Financial Crime World

Data Protection Laws and Regulations in Honduras

Honduras has a complex data protection landscape, with various laws providing some level of protection for personal data. However, there is no comprehensive data protection law in place.

Data Protection Laws

  • No Comprehensive Law: There is currently no comprehensive data protection law in Honduras.
  • Transparency Law: The Transparency Law (Articles 42 and 66) requires entities to register with the Registry of Personal Data Controllers and Processors.

Personal Data Management

  • Access Rights: Individuals have the right to access their personal data under Article 13(2) of the Constitutional Justice Law, but only in specific circumstances.
  • Data Processing Records: There is no obligation for data controllers and/or processors to maintain data processing records or appoint a data protection officer.
  • Data Breach Notification: Data breach notification is not mandatory, except when it involves sensitive information.

Data Transfers

  • No Policies: There are no policies regarding data transfers, although health patients’ medical histories can be shared with their consent.
  • Financial Sector Data: Financial sector data can only be transferred for due diligence, Know Your Client (‘KYC’), and credit scoring purposes.

Rights of Data Subjects

  • Right to Be Informed: The right to be informed is not explicitly recognized in Honduran law.
  • Rights to Access, Rectification, Erasure, Object/Opt-out, and Data Portability: Rights to access, rectification, erasure, object/opt-out, and data portability are partially recognized or limited in scope.
  • Right Not to Be Subject to Automated Decision-Making: There is no recognition of the right not to be subject to automated decision-making.

Penalties

  • Termination of Employment to Fines: Penalties for wrongful data management vary from termination of employment to fines up to 40 minimum wages (approx. $16,687).
  • Imprisonment and Monetary Fine: In cases involving ‘Disclosure of Secrets,’ offenders face one to three years in prison with a monetary fine.

Conclusion

The Honduran legal framework lacks comprehensive data protection regulations, and many rights of data subjects are not explicitly recognized or are limited in scope.