Do you use personal data in your workplace? If you are a local organisation/business/sole-trader (and all other entities established in the Bailiwick), then you need to complete a new registration with The Office of the Data Protection Authority (ODPA) during January and February 2021, and pay an annual fee in order to meet new requirements.
Puzzled by data protection?
“Its aim is to ensure people are treated fairly and lawfully, protecting them from harms that can arise from their personal data being
mis-used. Data protection legislation (globally) provides the legal framework and protections for people and their data, recognising that it matters how people are treated.” ODPA
In essence, people’s data must be used properly. Our rights as individuals must be respected by those organisations/businesses who need to use our personal data to ‘perform a task or function’.
“We want the Bailiwick to recognise the importance of data governance for our economy and for the wellbeing of our citizens because, as you now know, data protection is people protection. So if you care about treating your fellow humans with the dignity and respect you’d like for yourself and your loved ones, then you will care about protecting people’s data. Always keep in mind data protection is about preventing
people from being harmed.” ODPA
The new law gives us as individuals 10 rights and puts legal obligation on organisations/businesses who use personal data. These duties all flow from what the ODPA call ‘seven principles’:
- LAWFULNESS, FAIRNESS & TRANSPARENCY.
You must have a valid legal reason for processing personal data. You must obtain it without
deceiving the person whose data it is, and you must make it clear exactly how you are going to use
their data. - PURPOSE LIMITATION.
You must only use personal data for the reason (or reasons) you have told the person you are using it
for. - MINIMISATION.
You must only ask for the minimum amount of personal data necessary from the person. - ACCURACY.
You must ensure that any personal data you hold is accurate and where necessary, up-to-date. - STORAGE LIMITATION.
You must not keep personal data for longer than you need it for. - INTEGRITY AND CONFIDENTIALITY.
You must keep personal data safe so that it doesn’t get accidentally deleted or changed, or
seen by someone who is not allowed to see it. - ACCOUNTABILITY.
This is the big one. You must be able to demonstrate that you take responsibility for how you look
after personal data.
Find out more about the new requirements and register at https://www.odpa.gg. Remember, the simple act of registering with the ODPA does not make you compliant with the law – how you treat people’s data determines that.