tTech urges corporates to get compliant with new Data Protection laws

Managed IT Services provider tTech Limited is urging the corporate sector in Jamaica to prioritize data protection in the New Year in accordance with the new Data Protection Act.

Companies are also being encouraged to make IT compliance a primary focus. These and other areas were discussed during a Data Protection Day webinar hosted by tTech last Saturday.

Data privacy, liability, the Data Protection Act, IT compliance and its implications and requirements were some of the far-reaching topics discussed during the webinar.

According to Jaleel Henry, security specialist at tTech, there is no guesswork about what is required.

He said the challenge now lies in completing the steps from registration to compliance on time.

Henry explained, “the seventh standard of the Data Protection Act speaks to a specific set of technical measures that are required for entities across the board to implement that will ultimately ensure that, where they are in a position to receive and process customers’ personal data, it is not accessed or shared by unauthorized persons”.

“This means that businesses, to avoid embarrassment from breaches, incidents of fraud, client mistrust and legal ramifications, need to have a robust plan of action in place by the compliance deadline, December 1, 2023”.

Chukwuemeka ‘Chuk’ Cameron, the founder of Design Privacy, added that “unfortunately, many entities still don’t believe that breaches can and will happen to them and, further, the data protection and IT compliance laws and sanctions won’t apply to them. They think it’s just the ‘big guys’ that get targeted”.

He stated that “On the contrary, businesses of all sizes and across all industries will find that they will not be exempt from the strict data protection and IT compliance laws, and breaches of these laws could, unfortunately, see monetary fines of up to four per cent of their revenue.”

Additionally, companies with international trading partners will be required to become data protection and IT compliant if they want to maintain those relationships.

Under the law, the newly installed data commissioner will issue fines or prohibit operations that allow them to receive or process persons’ data. These operations could include accepting credit or debit card payments, onboarding new clients, or accessing client records.

GraceKennedy and Mayberry Investments Limited, which have begun the meticulous compliance process with tTech’s help, agreed that consideration of the legal, technical and other risks associated with non-compliance, despite the challenges, was a key driver in their decision to get on board.

Lesley-Anne Wilson, a business analyst at tTech, appealed to the corporate sector that it would be best for businesses to join the movement and begin to view protection and compliance as a matter of utmost priority for them in the New Year.

She further stated that persons who entrust their personal data to organizations should pay closer attention to how their data is being treated and help hold these companies accountable if their privacy is breached.