Lead-in to PIPA law is not too lengthy

Published: 22 Jun 2023
Type: Insight

Last Friday in the House of Assembly, the Government introduced amending legislation required to bring Bermuda’s 2016 privacy laws into effect on January 1, 2025. That may seem like a long ramp-up period to some, but it is not.

Bermuda’s Personal Information Protection Act 2016 (PIPA) sets out a comprehensive regime to protect a broad range of personal information, including information – among all other details about an identified or identifiable individual – that may disclose an individual’s address and contact information, family status, financial circumstances, and their physical and mental health.

As important as it is for many organisations and businesses to use and rely upon personal information to carry on business, it is also vital to ensure that such information is protected and not wrongfully exploited.

  • Understand both the privacy rights of individuals and the obligations and requirements of their organisations under PIPA
  • Develop a critical path to adopt and implement the compliance measures and policies that will be required
  • Train their personnel in the systems, activities and procedures that must soon be adopted and implemented to ensure their compliant use of personal information

Many organisations have diligently begun that compliance development process and will benefit from their head start. Others, some of whom have complex operations that are highly dependent on personal information, now have a fixed date for compliance that will likely be motivational.

Friday’s introduction of PIPA’s amending legislation was just the beginning of PIPA’s implementation. Although those amendments are designed to harmonise PIPA with the laws that allow the public to access government information, the Electronic Transactions Act 1999 also contains various privacy provisions that I suspect may also require some harmonisation in the months ahead.

Perhaps one of the greatest benefits that the 18-month lead-time will provide is the time that it will afford the Privacy Commissioner to publish his much anticipated Guide to PIPA that was announced last week, and that is promised to contain “dozens of pages of tips, checklists and other pieces of advice” that will provide welcomed compliance guidance to encourage and facilitate PIPA preparedness.

To learn more about PIPA, listen to our recent Bermuda Shorts ‘Tech Talks’ podcast on Bermuda’s privacy law.

First Published in The Royal Gazette, Legally Speaking column, June 2023

Share
More publications
050-Insolvency-Restructuring-Grid-Image
13 Jul 2026

Bermuda: Restructuring & Insolvency

This country-specific Q&A provides an overview of Restructuring & Insolvency laws and regulations applicable in Bermuda.

Appleby-Website-Regulatory-Practice
10 Jul 2026

It’s healthy to sometimes disagree with regulators

At some point, almost every regulated business will disagree with its regulator.

Appleby-Website-Privacy-and-Data-Protection
8 Jul 2026

Bermuda Privacy Commissioner Signals Shift to Stronger PIPA Enforcement

The Office of the Privacy Commissioner (PrivCom) has issued its first annual report since Bermuda's Personal Information Protection Act 2016 (PIPA) came fully into force, with the reports content signaling a transition from education and implementation to a stronger focus on enforcement.

Bermuda-1024x576-1
1 Jul 2026

A Forest for the Future

A first since the blight, the airport cedar forest is growing tall and standing strong.

Appleby-Website-Regulatory-Practice
1 Jul 2026

Complied out of business

Firms are complying themselves out of business because compliance no longer matches the evolving sophistication of the Bermuda Monetary Authority (BMA).

Appleby-Website-Insurance-and-Reinsurance
1 Jul 2026

The long game: how Bermuda became the world’s life reinsurance capital

Ask a life insurer in New York, London or Tokyo where the liabilities behind their book ultimately sit and there is an increasingly good chance the answer is a 21-square-mile island in the North Atlantic.

Appleby-Website-Insurance-and-Reinsurance
1 Jul 2026

Record H1’26 Cat Bond Issuance Driven by Rising Sponsor Comfort and Diversified Risk

With H1 2026 officially breaking the record for the most catastrophe bond deals to come to market and settle in the first six months of the year, a key trend driving this momentum is how comfortable sponsors have become with the mechanics of the overall cat bond space. This familiarity has ultimately encouraged a wave of new sponsors to enter the market, according to Brad Adderley, Managing Partner at law firm Appleby.

Appleby-Website-Employment-and-Immigration
12 Jun 2026

The Cost of Getting Employee Departures Wrong: Five Common Pitfalls for Bermuda Employers

Employee departures are an inevitable part of running a business, but the way they are managed can have significant legal, financial and operational consequences. In Bermuda, employers who approach terminations without adequate preparation may expose themselves to unnecessary disputes, regulatory issues, and reputational harm. Whether an employee is being dismissed for performance reasons, made redundant or departing as part of a negotiated exit, by recognizing the following common mistakes and taking a proactive approach, organizations can manage departures more effectively and reduce risk.

Appleby-Website-Privacy-and-Data-Protection
8 Jun 2026

It’s time to bridge Pipa compliance gap

A review of 200 publicly available privacy notices of companies in Bermuda has revealed that just one in nine are fully compliant with the Personal Information Protection Act 2016.

Appleby-Website-Privacy-and-Data-Protection
26 May 2026

Transparency is a legal requirement under Pipa

Major companies across the European Union have faced substantial fines between 2019 and 2024, estimated at a total of €930 million (about $1.08 billion), not only for cyberattacks or data breaches, but also for issues such as noncompliant privacy notices. A common theme in many cases has been a lack of transparency.