In Panama, Law No. 81 on Personal Data Protection has been in effect for over three years, while in Chile, companies face the challenge of adapting before the new regulation comes into full force on December 1, 2026. From a governance perspective, Barrera suggests a gradual implementation of policies and systems so that employees can incorporate best practices. The key lies in implementing policies and technologies that facilitate smooth compliance, enhancing business efficiency, security, and profitability. In the case of WhatsApp, if a user attempts to send a sensitive file through this unauthorized medium, the system can immediately block the action and generate a security report. Finally, the expert concludes that data protection should not be an obstacle to business growth. This practice carries significant risks when the platform is used to discuss customer details, share project updates, or negotiate agreements in an environment with weak institutional oversight and control. Mario Barrera, commercial director of Nubatech, warns that the improper use of this application by internal clients poses a critical challenge for companies. Barrera points out that seemingly common actions, such as sending daily sales reports to internal workgroups, constitute serious regulatory violations. The strategy to mitigate these risks should not focus on banning the tool, but on promoting cultural and technological change. Risks to data protection from the use of WhatsApp in companies. The commercial director of Nubatech, Mario Barrera, highlights the importance of integrating real-time control technology to strengthen internal data protection and avoid fines. However, he acknowledges that no organization is immune to human errors, whether voluntary or involuntary, making technological backup indispensable. Nubatech's technical recommendation is to adopt technologies that automate compliance through unified data governance. These tools identify who, what, how, when, and by what means attempted to manipulate sensitive information. Organizations can categorize applications as secure or non-secure destinations. According to the executive, whose company has implemented compliance solutions since 2022, regional legislation has been updated under the influence of the European General Data Protection Regulation (GDPR), raising the required standards. Limitations of conventional platforms. The Nubatech representative explains that while WhatsApp Business meets basic GDPR aspects, it does not offer the granular controls necessary for internal use. This includes monitoring local files, cloud services, and real-time applications to prevent unauthorized access. This lack becomes the main gap for data leakage or misuse. Real-time control and monitoring. Current specialized systems allow for automatic logging of operations, sending notifications, and blocking unauthorized actions.
