The “Delegate of Data Protection”: Strategic Planning in information security Case Ecuador

Abstract Information security over time has been taking important scenarios in the world, along with regulations and laws have had to adapt to this evolution in such a way that protection, compliance, and sanctions are guaranteed. A sample of this is the new European Data Protection Regulation in force since May 25, 2018, where it administers the function of “Data Protection Delegate” (DPD) or Data Protection Officer (DOP). Since this position is new to the rest of the world, concerns arise about the functions that it will have to fulfill in Latin American countries, where most of them already have a Data Protection Law but not with the position of Delegate as such. This study aims to justify the need for this new position, through a SOWA analysis of PESTEL, compilation of reports, interested stakeholders of the project, in addition to publicizing the guidelines, roles, fields of action, risk prevention and audit in terms of compliance.