Legislation to Protect Personal Data Being Developed

Photo: Yhomo Hutchinson Minister of State in the Ministry of Science, Technology, Energy and Mining, Hon. Julian Robinson (left), in discussion with Chief Technical Officer, Caribbean Cyber Security Centre, Deon Olton (right), at the National Conference on Cyber Security and Digital Forensics at the University of the West Indies (UWI) Regional Headquarters, in St. Andrew, today, October 1. At centre is Director, Mona ICT Policy Centre, Mona School of Business and Management, Professor Hopeton Dunn.

Story Highlights

  • The Government is in the process of developing more robust legislation aimed at protecting personal data.
  • Minister Robinson said the impending legislation will seek to set out the rights of the individual, with respect to their personal data.
  • Introduction of legislation in this area means that the public and private sectors will have to introduce appropriate measures to protect data in their custody.

The Government is in the process of developing more robust, clear and uniformed legislation aimed at protecting personal data, State Minister in the Ministry of Science, Technology, Energy and Mining (STEM), Hon. Julian Robinson, has informed.

Mr. Robinson said the Data Protection Act will safeguard, in general, the privacy of individuals in relation to personal data as well as regulate the collection, regulation, processing,  keeping, use and disclosure of certain information in physical or electronic form.

The State Minister was speaking on October 3 at the opening of a round table discussion on managing information and data risk, held at the Jamaica Pegasus Hotel in New Kingston.

Mr. Robinson  said the impending legislation will seek to set out the rights of the individual, with respect to their personal data. This will include, for example, the right to confirm whether or not personal information or data is being processed by an organisation.

It will also seek to determine the right to access information in the custody or control of an organisation, subject to certain exceptions, such as legal privileges; to take action to rectify incomplete, inaccurate or misleading information; or to block, erase, or destroy unlawful or unnecessary information.

“The legislation will prevent personal data from being disclosed or transferred to third parties, unless the data subject was informed that such disclosure may take place and the consent of the data subject obtained,” he added.

The transfer of personal information by organisations to recipients in other jurisdictions will be limited to jurisdictions that afford the same or greater levels of protection as provided the sender.

“(This means) that companies will have to ensure that third parties contracted to process data on their behalf are reputable, have secure systems and adhere to the company’s legislative obligations of security and confidentiality,” he pointed out.

Mr. Robinson argued that the introduction of legislation in this area also means that the public and private sectors will have to introduce appropriate, technical, and institutional security measures to protect data in their custody or control.

These measures include providing training to employees who process personal data and establishing structures that will avoid loss, unauthorised access, deliberate interference, fraudulent misuse, modification or the disclosure of data.

The one-day forum was organised by Columbus Business Solutions, under the theme: ‘Managing information and data risk: Data storage considerations, trends and disaster recovery’. It aimed to facilitate dialogue as well as the sharing of ideas on the application of technology in specific sectors to enhance business efficiency and profitability.

The event featured presentations from industry leaders, academia and policy makers on the opportunities and challenges involved in the use of technology.

JIS Social