Data & Privacy · Honduras
Data protection & privacy law in Honduras (2026)
Honduras shaded by its data & privacy status
Data protection in Honduras: sectoral rules, under Constitutional Habeas Data (Article 182, 1982 Constitution rev. 2013) + Law on Transparency and Access to Public Information (LTAIP, Decree 170-2006), supervised by the Instituto de Acceso a la Información Pública (IAIP).
Honduras has no comprehensive personal data protection law in force. Data protection rests on a constitutional habeas data guarantee (Article 182) and the 2006 Transparency Law (LTAIP), which regulates personal data held by public-sector obligated institutions under IAIP oversight. A draft comprehensive Personal Data Protection Law has been stalled in the National Congress since April 2018 with no final approval as of May 2026.
Key points
Article 182 of the 1982 Constitution (revised 2013) guarantees all persons the right to access, rectify, update, and suppress personal data held in public or private databases, and to prevent its unauthorized disclosure or transmission.
Decree 170-2006 obliges public institutions to protect personal data, prohibits disclosure of data that could cause discrimination or moral/economic harm, defines confidential information categories, and extends the constitutional habeas data right in the public-sector context.
The Instituto de Acceso a la Información Pública (IAIP) is an independent public body that supervises compliance by public-sector obligated institutions and operates the Portal Único de Transparencia. No dedicated data protection authority with private-sector jurisdiction exists.
A draft Personal Data Protection and Habeas Data Law, prepared by the IAIP and submitted to Congress around 2015, advanced through initial parliamentary chapters but has been suspended since April 2018 without final approval, leaving no comprehensive private-sector data protection regime enacted.
The Transparency Law defines sensitive personal data (ethnicity, health status, personal beliefs) and requires explicit consent for its processing, with limited exceptions. These obligations apply primarily to public-sector and LTAIP-obligated entities, not broadly to private controllers.
Private-sector data processing is not governed by any dedicated data protection statute. There are no statutory requirements for breach notification, data protection officers, or cross-border transfer rules for private entities; individuals must rely on constitutional habeas data court remedies.
Honduras - other topics
Data & Privacy in other countries
Last verified 5/24/2026 · Orientation, not legal advice - verify against the primary sources linked above. Methodology & how to cite · Explore the full world map →