Data Privacy Basics
This annual event, recognised in January, promotes awareness of data protection and encourages individuals and organisations to safeguard personal information.
What is Data Privacy Week?
This European regulation, effective since May 2018, has influenced data protection laws worldwide, including Jamaica’s Data Protection Act, 2020.
What is the General Data Protection Regulation (GDPR)?
Employees should use these security features on their devices to prevent unauthorized access to sensitive corporate information.
What are strong passwords and multi-factor authentication?
This concept integrates privacy considerations into the design of systems, processes, and services from the outset.
What is Privacy by Design?
Under the Jamaica Data Protection Act, companies must notify the regulator and affected individuals within this timeframe after discovering a data breach.
What is 72 hours?
This principle ensures that personal data is collected, used, and stored only when necessary for a specific purpose.
What is data minimization?
In 2020, Jamaica enacted this law, ensuring the protection of personal data and requiring organizations to implement compliance measures.
What is the Jamaica Data Protection Act, 2020?
Organizations should implement this process to assess and mitigate privacy risks before launching new systems or projects.
What is a Data Protection Impact Assessment (DPIA)?
Companies should regularly train employees on data privacy policies to reduce this common security risk.
What is human error?
All data controllers are required to comply with these eight principles set out under the JDPA.
What are the Data Protection Standards?
Employees handling personal data should follow this approach, ensuring they only access and process data necessary for their role.
What is the principle of least privilege?
The first international treaty dedicated to data privacy was signed in 1981 and is still in effect today.
What is Convention 108?
Employees should avoid sending personal or confidential company data over this type of unsecured network.
What is public Wi-Fi?
This internal document outlines how a company collects, processes, and protects personal data.
What is a privacy policy?
The Jamaica Data Protection Act mandates organisations to designate this individual to oversee data protection compliance.
What is the Data Protection Officer (DPO)?
Under data protection laws, companies must have a lawful basis for collecting personal data, including consent, contract, or legal obligation.
What are the legal bases for data processing?
This landmark U.S. law, passed in 2020, strengthened privacy rights for consumers in California.
What is the California Consumer Privacy Act (CCPA)?
The practice of disguising sensitive data to protect it in case of a breach is known as this.
What is data masking or pseudonymization?
Organizations should conduct this type of exercise to evaluate how well they handle a potential data breach.
What is a breach simulation or tabletop exercise?
Data subjects have this right, allowing them to request a copy of their personal data stored by an organization.
What is the right of access?
Organizations should establish this internal role or team to oversee compliance with data protection regulations.
What is a Data Protection Officer (DPO) or Data Privacy Team?
The first Data Privacy Day was established to commemorate this event in Europe.
What is the signing of Convention 108?
This principle ensures that organizations only keep personal data for as long as necessary.
What is data retention or storage limitation?
When engaging third-party vendors, companies should require compliance with data privacy laws through this type of agreement.
What is a Data Processing Agreement (DPA)?
Under JDPA, individuals have this right, allowing them to request the deletion of their personal data under certain circumstances.
What is the right to erasure (right to be forgotten)?