Our Office

Calle 10 A # 34 11 Hotel Diez Categoría, office 4014


+57 318 5324130

New guidelines for the use of technology in the public sector

The Presidency of the Republic of Colombia issued on March 15 of this year, the guidelines for the use of new technologies in the Public Entities of the Executive Branch of the National Order.

Through Directive No. 03. The aforementioned document regulates the use of cloud services, artificial intelligence, digital security and data management.

Thus, Cuadro Legal, a firm of  Abogados took on the task of explaining to our clients and allies what this new guideline consists of, which aims to comply with Article 147 of Law 1955 of 2019, which proposes to: reduce operating costs, accelerate innovation, provide reliable digital environments for public entities and improve their procedures and services.

In this order of ideas, each of the regulated items will be described below:


This seeks to evaluate and optimize the management of public resources in Information Technology projects, through the use of demand aggregation instruments and prioritization of cloud services, to meet the needs of stakeholders, based on the costs and benefits of this possibility.

These services must allow interoperability with other clouds or local computing centers (in the entity).

It will also comply with the set of rules that make up the digital government policy issued by the Ministry of Information and Communication Technologies, particularly with regard to digital security, by complying with the guidelines and standards set forth in the security and privacy enabler.

It should be noted that the entities to which this Directive is addressed must prepare an implementation plan for the use of cloud services within six (6) months of its issuance.


Its regulation seeks to promote inclusive growth, sustainable development and the well-being of citizens through the use of lA systems, in order to improve their quality of life.

In turn, it seeks to encourage the participation of public officials in courses, training or talent programs aimed at generating greater knowledge and skills on IA.

Thus, it proposes to facilitate the implementation of regulatory sandboxes in LA within the framework of inter-institutional coordination and articulation.

In addition, within the framework of Law 1712 of 2014 “Whereby the Law of Transparency and the Right of Access to National Public Information is created and other provisions are enacted”, citizens must be informed when implementing a project that incorporates LA systems and the purpose of its use, providing clear and updated information, in order to ensure knowledge of this technology and the characteristics of the projects.


It aims to strengthen the capabilities and functionality of entities in terms of cybersecurity and resilience. Therefore, it seeks to comply with the guidelines on digital and information security issued by the MinTIC and those issued within the framework of the National Government’s national policy on trust and digital security. In addition, it aims to strengthen digital security measures considering the dynamics that the use of digital media has incorporated.

Moreover, it aims to assess digital security risks in order to reduce the adverse effects of security incidents.


In this point, it is proposed that when the entities require the acquisition of images of the territory, either from satellite or airborne platforms, they should establish the necessary coordination channels with the different entities that may be involved, in order to optimize resources and contribute to the transfer of knowledge, within the framework of the Colombian Spatial Data Infrastructure – ICDE.

On the other hand, this item establishes that the publication and exchange of new datasets for open use must be accompanied by technical metadata and management metadata.

In addition, datasets should be accompanied by supporting documents for their proper interpretation, use and exploitation, such as data dictionaries, metadata manuals or field catalogs.

Now, for data capture forms and applications, validation rules must be implemented to allow automatic verifications when entering information.

Adequate risk management and data quality must also be implemented, prioritizing the availability of information in a structured manner, so that attributes, characteristics, records, concepts and data domains can be identified.

If you have any doubts regarding the subject or need legal advice for the implementation of technology in your company do not hesitate to write us on the whatsapp button or any of our contact channels. Cuadro Legal law firm

Written by: Alejandra Cardona Mercado

Source: Presidential of the Republic, Directive 03, Mar. 15/21.

Scroll to Top