On April 1, 2016 the Cayman Islands Government released The Data Protection Bill, 2016 (the Bill).
The Bill seeks to introduce in the Cayman Islands legislation on data protection, which, amongst other things, gives legal rights to individuals who have information stored about them.
The Bill is based on the English Data Protection Act 1998 and consists of eight key principles that must be adhered to:
Principle 1 – Information must be processed fairly and lawfully.
Principle 2 – Information collected must be processed for specified lawful purposes.
Principle 3 – Information collected must be adequate, relevant and not excessive.
Principle 4 – Information collected must be accurate and up to date.
Principle 5 – Information must not be held for longer than is necessary.
Principle 6 – Information must be processed in accordance with the individual's rights.
Principle 7 – Information must be kept secure.
Principle 8 – Information should not be transferred outside the Cayman Islands unless adequate levels of protection exist.
It is possible that amendments may be made to the Bill before it becomes effective. It is also not yet clear when the Bill will be brought into force. We shall provide a further detailed update of the new law in due course.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
