Barbados Advocate published an article on September 2nd, 2020 on Being Proactive In Terms of Data Protection Act.
Cybersecurity Specialist, David Gittens is urging Barbadian companies to grasp an understanding of the Data Protection Act and put the basics in place to protect people’s information.
- Gittens stated that any organization with a website that offers services or uses people data should become familiar with the Act. The act tells you what you can do with people’s data, what you cannot do, and what you must tell people about the data.
- He added that, every website that deals with data should include privacy statements that users and consumers can review to learn how their data is used. Statements should include words like, “we are not going to keep your data longer than we need to”, and “we are only going to use it for the purpose of what we say”.
- All organizations that process data, no matter how small the entity may be, need to look at the Act and apply the necessary measures in place on their website. Companies would need to be proactive and, in some cases, hire a Cybersecurity or Data Privacy specialist and/or train staff to ensure compliance with the Act, given the nature of their work. He indicated that small businesses can outsource such work for compliance as well.
Contributed by: Jason Jacobs from Guyana. Jason is a member of the CCST Discord group from the G5 Cyber Security Foundation Ltd. Learn more about CCST (Caribbean Cyber Support Team) by visiting caribbeancst.org. CCST is a collaborative group on the Discord platform for Caribbean people in IT, from beginners to experts.