- The Data Protection Act will safeguard, in general, the privacy of individuals in relation to personal data.
- The impending legislation will seek to set out the rights of the individual, with respect to their personal data.
- It will also seek to determine the right to access information in the custody or control of an organisation.
The Government is in the process of developing more robust, clear and uniformed legislation aimed at protecting personal data, State Minister in the Ministry of Science, Technology, Energy and Mining (STEM), Hon. Julian Robinson, has informed.
Mr. Robinson said the Data Protection Act will safeguard, in general, the privacy of individuals in relation to personal data as well as regulate the collection, regulation, processing, keeping, use and disclosure of certain information in physical or electronic form.
The State Minister was speaking on October 3, at the opening of a round table discussion on managing information and data risk, held at the Jamaica Pegasus Hotel in New Kingston.
Mr. Robinson said the impending legislation will seek to set out the rights of the individual, with respect to their personal data. This will include, for example, the right to confirm whether or not personal information or data is being processed by an organisation.
It will also seek to determine the right to access information in the custody or control of an organisation, subject to certain exceptions, such as legal privileges; to take action to rectify incomplete, inaccurate or misleading information; or to block, erase, or destroy unlawful or unnecessary information.
“The legislation will prevent personal data from being disclosed or transferred to third parties, unless the data subject was informed that such disclosure may take place and the consent of the data subject obtained,” he added.
The transfer of personal information by organisations to recipients in other jurisdictions will be limited to jurisdictions that afford the same or greater levels of protection as provided the sender.
“(This means) that companies will have to ensure that third parties contracted to process data on their behalf are reputable, have secure systems and adhere to the company’s legislative obligations of security and confidentiality,” he pointed out.
Mr. Robinson argued that the introduction of legislation in this area also means that the public and private sectors will have to introduce appropriate, technical, and institutional security measures to protect data in their custody or control.
These measures include providing training to employees who process personal data and establishing structures that will avoid loss, unauthorised access, deliberate interference, fraudulent misuse, modification or the disclosure of data.
The one-day forum was organised by Columbus Business Solutions, under the theme: ‘Managing information and data risk: Data storage considerations, trends and disaster recovery’. It aimed to facilitate dialogue as well as the sharing of ideas on the application of technology in specific sectors to enhance business efficiency and profitability.
The event featured presentations from industry leaders, academia and policy makers on the opportunities and challenges involved in the use of technology.