The Bailiwick of Guernsey is, for the first time, participating in the Global Privacy Enforcement Network Privacy Sweep which takes place in September and October 2019.
The Global Privacy Enforcement Network (GPEN) was established to foster cross-border cooperation among privacy authorities. This, the seventh Sweep, will focus on how organisations in each jurisdiction are prepared for handling data breaches, their internal procedures and framework, how they respond and the processes in place for preventing future breaches.
Guernsey’s Office of the Data Protection Authority (ODPA) is one of 18 privacy enforcement authorities from around the world taking part. It is focusing solely on local healthcare providers and has already contacted a select number locally to respond to GPEN’s set questionnaire.
ODPA Case and Compliance Investigator, Edward Chapman, is coordinating the Sweep locally.
“The theme for this year is data breach notifications so this presents a great opportunity for Bailiwick organisations to be a part of this important, international project. I would like to assure everyone that their responses to the questionnaire we issue are for information purposes rather than enforcement,” he said.
Guernsey is one of a growing number of jurisdictions around the world where data breach reporting is mandatory. Several, such as New Zealand, Hong Kong and Singapore, are in the process of considering the feasibility of adopting a mandatory regime or are in the process of doing so.
The Sweep is an opportunity for enforcement authorities to reflect on how their local organisations are performing compared to other parts of the world and identify trends which could guide future education and outreach.
The overall results of this year’s Sweep will be compiled and made public towards the end of 2019.