The Jamaica Gleaner posted an article on February 21, 2021, on how the Jamaican should tighten its data security. Below are some key highlights:
- Last week’s discovery of a security lapse on Jamaica’s JamCOVID that left the private information of tens of thousands of people open to scrutiny on the public Internet demands far more than dire warnings of the consequences people could face, under the Cybersecurity Act, if they helped themselves to the trove of data. But even as it investigates this failure, the Government should have already undertaken a comprehensive security audit – if one isn’t already under way – of all its databases, to ensure that their fail-safe systems are more robust than was the case with the JamCOVID site, and that the information they hold, belonging to millions of citizens, are not as vulnerable as that uploaded to the JamCOVID site by people seeking to visit the island.
- At the same, the Government should publicly commit to the standards prescribed by the Data Protection Act for the security and management of people’s private information, even before that law, approved by Parliament last year, is promulgated. We welcome the insistence on a quick turnaround.
- It was announced that the account under which the data is hosted on the Amazon server is owned by the Government. It is likely to be some time before that regime is in place.
Reference(s):