Argentina

In terms of personal data protection, Argentina issued Personal Data Protection Law (PDPL) on October 30, 2000. PDPL applies to the processing of personal data by individuals or legal entities located in Argentina (including legal entities that have offices or branches located in Argentina). PDPL aims to comprehensively protect personal data recorded in files, registers, databases, data banks, or recorded by other data processing techniques.

Argentina's regulators have released multiple specific rules and guidelines to help users better meet Argentina's PDPL requirements. One of the important standards is Resolution No. 47/2018 (referred to as "Resolution 47") issued by the Argentina Agency for Access to Public Information (AAPI) on July 23, 2018. Resolution 47 recommends security measures for the management, planning, control, and continuous improvement of information security.

Based on requirements of Argentina PDPL and Resolution No. 47, Huawei Cloud has issued Huawei Cloud Compliance with Argentina PDPL, which shares privacy protection experience and practices of Huawei Cloud and describes how Huawei Cloud helps you meet the compliance requirements of PDPL and Resolution No. 47.

In terms of cybersecurity, Central Bank of the Argentina Republic, or BCRA, released the guidelines for cybersecurity incident response and recovery on April 16, 2021. The guidelines cover important areas such as planning, preparation, analysis, mitigation, recovery, coordination, communication, and continuous improvement. BCRA has specifically stated that the guidelines are aimed at financial institutions, payment service providers that offer payment accounts and financial market infrastructures. However, given the general nature of these guidelines, they may also be adopted by any institution in the financial system, including IT and communication service providers.

BCRA is the main financial regulator in Argentina, responsible for the regulation, inspection and supervision of financial institutions in Argentina. The Superintendence of Financial Entities (SEFyC) of BCRA is responsible for tracking, supervising, analyzing, auditing, and assessing compliance of financial institutions in Argentina.

To maintain and strengthen the transaction security and stability of financial institutions, BCRA issued COMMUNICATION "A" 6375 (referred to as "A" 6375) and COMMUNICATION "A" 4609 (referred to as "A" 4609).

● "A" 6375 was issued on November 17, 2017. This regulation sets out management requirements for financial institutions that use decentralized/outsourcing services and provides guidance for financial institutions on risk management of decentralized/outsourcing activities.

● "A" 4609 was issued on August 29, 2018. This regulation defines the main requirements that financial institutions have to comply with in scenarios such as information asset management, data processing, operation procedures, record storage, database management, system changes, event management, technical documentation management, and compliance assessment. But at the same time, given that the requirements for all scenarios in "A" 4609 are included in "A" 6375, and the requirements stipulated in "A" 6375 are more comprehensive and specific, you can mainly focus on regulatory requirements in "A" 6375.

HUAWEI CLOUD User Guide to Financial Services Regulations & Guidelines in Argentina describes how Huawei Cloud will help you meet the regulatory requirements of the financial industry in Argentina.

Huawei Cloud is committed to providing you with secure and compliant infrastructure and services. Each service has built-in security features and is guaranteed to run securely through continuous O&M. Huawei Cloud ensures that the infrastructure and services it provides have been assessed by authoritative, independent, third-party agencies and reviewed by the relevant certifying bodies.

When using Huawei Cloud services, you are responsible for the security and compliance of internal applications and custom configurations of your workloads on the cloud. As the owner and controller of your data, you are responsible for data security configuration, confidentiality, integrity, availability, as well as identity authentication and authorization for data access.

You are also responsible for compliance with the applicable regulatory requirements for your workloads on the cloud. If you use our cloud services to build financial services involving outsourcing activities, you are responsible for your compliance with "A" 6375 issued by BCRA.

You can download HUAWEI CLOUD Security White Paper to view details about the responsibilities of Huawei Cloud and yours.

For more security and compliance issues, contact your account manager or Huawei Cloud.

Huawei Cloud is committed to building secure and trusted cloud services. The infrastructure and services provided by Huawei Cloud have been assessed by authoritative, independent, third-party agencies and reviewed by the relevant certifying bodies.

Huawei Cloud is compliant with a wide range of international standards and practices, including:

• Security standards: ISO 27001, ISO 27017, CSA STAR, PCI DSS, PCI 3DS, ISO 27034, and NIST cyber security framework (CSF), and more

• Privacy standards: ISO 27018, ISO 27701, BS 10012, ISO 29151, and ISO 27799

• Other standards: ISO 22301 (for business continuity management), ISO/IEC 20000 (for IT service management), TL 9000 and ISO 9001 (for quality management), SOC 1, SOC 2, and SOC 3(for audit)

Learn more from Compliance Certificates in the Compliance Center.