Information Commissioner urges business owners and employees to uphold the data privacy rights of data subjects

In light of the recent incident involving the former police officer who breached data protection laws by misusing police computer systems, Jersey’s Information Commissioner urges business owners, public authorities and their employees to ensure that they respect the data privacy rights of individuals.

Commissioner Jay Fedorak said: ‘When employees inappropriately access personal data on electronic systems intended only for legitimate purposes, such as law enforcement, health care, drivers licencing and other public services, the threat to personal privacy, dignity and well-being can be significant. It is a betrayal of public trust and can undermine public confidence in our institutions.’

‘It is crucial that citizens can entrust companies, organisations and public agencies across the island to keep their personal information secure. Data protection laws help ensure that there are appropriate legal protections and remedies against the mishandling of our personal data, which poses substantial risks  in today’s highly-digitised world.’

‘Since the law changed on 25 May, local businesses and organisations must comply with higher data protection standards. I would encourage all businesses to develop and implement an effective plan to ensure compliance.’

Additional information

To maintain trust and to comply with the Data Protection Jersey Law there is no escaping the following fundamentals;

  • staff training
  • policies and procedures to ensure data security and confidentiality
    • subject access policy and procedures
    • policies on the use of CCTV equipment
    • privacy policies and fair processing statements
    • retention and destruction policies
  • appropriate safeguards for the rights of data subjects
  • register with the Office of the Information Commissioner
  • establish a breach reporting mechanism