Bermuda’s Personal Information Protection Act 2016 (PIPA) sets out a comprehensive regime to protect a broad range of personal information, including information – among all other details about an identified or identifiable individual – that may disclose an individual’s address and contact information, family status, financial circumstances, and their physical and mental health.

As important as it is for many organisations and businesses to use and rely upon personal information to carry on business, it is also vital to ensure that such information is protected and not wrongfully exploited.

  • Understand both the privacy rights of individuals and the obligations and requirements of their organisations under PIPA
  • Develop a critical path to adopt and implement the compliance measures and policies that will be required
  • Train their personnel in the systems, activities and procedures that must soon be adopted and implemented to ensure their compliant use of personal information

Many organisations have diligently begun that compliance development process and will benefit from their head start. Others, some of whom have complex operations that are highly dependent on personal information, now have a fixed date for compliance that will likely be motivational.

Friday’s introduction of PIPA’s amending legislation was just the beginning of PIPA’s implementation. Although those amendments are designed to harmonise PIPA with the laws that allow the public to access government information, the Electronic Transactions Act 1999 also contains various privacy provisions that I suspect may also require some harmonisation in the months ahead.

Perhaps one of the greatest benefits that the 18-month lead-time will provide is the time that it will afford the Privacy Commissioner to publish his much anticipated Guide to PIPA that was announced last week, and that is promised to contain “dozens of pages of tips, checklists and other pieces of advice” that will provide welcomed compliance guidance to encourage and facilitate PIPA preparedness.

To learn more about PIPA, listen to our recent Bermuda Shorts ‘Tech Talks’ podcast on Bermuda’s privacy law.

First Published in The Royal Gazette, Legally Speaking column, June 2023

Share
Twitter LinkedIn Email Save as PDF
More Publications
10 Jun 2024

Bankruptcy & Restructuring – Planning for Failure

The sudden collapse of Lehman Brothers in September 2008 sent shockwaves around the globe. As the la...

4 Jun 2024

Bermuda’s cybersecurity law transformation is well underway

We are almost six month into 2024, and this year has already been transformative for IT and cyber se...

23 May 2024

Regulatory oversight is key for Bermuda’s insurance sector

Bermuda’s thriving insurance and reinsurance sector requires effective regulatory oversight if it ...

9 May 2024

It is all about the data

All successful enterprises have a voracious appetite for data. The advanced abilities of IT systems ...

3 May 2024

Best Practices for Conducting Investigations into Employee Grievances

Grievance procedures are very important, but often overlooked, procedures that all employers should ...

25 Apr 2024

Trusts, and how they came to be

What traces its history through Ancient Rome and the Crusades, can have many de facto owners, none a...

8 Apr 2024

Electronic dissemination of corporate communications by Hong Kong listed issuers from an offshore perspective

In June 2023, The Stock Exchange of Hong Kong Limited published consultation conclusions to its cons...

3 Apr 2024

Bermuda: Lack of New Players Is Supporting Strong Interest in ILS

All signs point to another very strong year for the catastrophe bond and related insurance-linked se...

2 Apr 2024

Choosing the right structure for your business in Bermuda

Anyone seeking to set up a business in Bermuda has a variety of options, depending on the nature of ...

25 Mar 2024

PIPA Compliance is Not Just a Domestic Affair

As organizations in Bermuda prepare for the full application of the Personal Information Protection ...