The Jamaica Observer published an article on September 09, 2020, about Standards for processing personal data. Here’s a summary:
The Data Protection Act, 2020 was passed by the Government of Jamaica (GOJ) but hasn’t been enacted and will not come into operation until the GOJ publicly appoints a date that the Act takes effect. Once the Act takes effect, it will impact how personal data is processed by companies. These companies will be required to ensure the data is being processed om compliance with the 8 Data Protections standards specified in the Act which include:
- Personal data must be processed fairly and lawfully and mustn’t be obtained by deception or misleading information.
- Personal data must only be obtained for a specific and lawful purpose and mustn’t be processed in any manner incompatible with those purposes.
- Personal data must be adequate, relevant and must be limited to the purpose for which it is being processed.
- Personal data must be accurate and kept up to date.
- Personal data must not be kept for longer than is necessary and must be disposed of in accordance with any regulations under the Act.
- Personal data must be processed in accordance with the rights of the data subjects under the Act.
- Personal data must be protected using appropriate technical and organisational measures to prevent unauthorised or unlawful processing as well as any accidental loss, destruction of, or damage to the data.
- Personal data must not be transferred to a state or territory outside of Jamaica unless that state or territory ensures an adequate level of protection for the rights of data subjects in relation to the processing of data.
Source:jamaicaobserver.com
Contributed by Racquel Bailey from Jamaica. Racquel is a member of our Women in InfoSec Caribbean (WISC) initiative on Discord. WISC is a non-profit initiative supporting Caribbean women and girls to develop a career in Information Security. Learn more about WISC at wiscaribbean.org.