On International Data Protection Day, the Data Protection Authority BES (the Authority) will be focusing on the subject of data breaches. A data breach involves unauthorized/illegitimate access to personal data, such as through the accidental loss of a USB stick, a misdirected email or a criminal hack carried out on a server carrying personal data.
Data breach as Data Protection Day Theme
On January 28, the emphasis will be on privacy. This year, on International Data Protection Day, the Data Protection Authority will focus on raising awareness about the danger of data breaches, which leads to personal data landing illegitimately in the hands of unauthorized third parties. Organizations are required to take precautions to protect processed personal data as best as possible. And if the data still falls into the wrong hands, the organization must report this to the individuals or businesses concerned.
One common way of gaining illegitimate access to and misusing personal information is through phishing, whereby people receive (fake) emails asking them to re-enter sensitive personal data. Another is by spreading malware, which consists of a computer application designed to secretly pass on data to someone who then uses it for unlawful ends. Organizations are required to limit the damage caused by a data breach to the extent possible.
Report Your Data Breach
“To get a better scope of the incidence of data breaches on Bonaire, Sint Eustatius and Saba, we request that all data breaches be reported to the Authority’s Secretariat. This also allows the Secretariat to share tips on how to prevent such breaches in the future and, for instance, to advise whether the police should additionally be involved if the breach was the result of an attack that was criminal in nature”, informs the Authority’s Secretary, Ms. Roëlla Pourier.
In collaboration with the Dutch Caribbean Police Force (KPCN) Cybercrime Unit and the Chamber of Commerce on Bonaire, the Authority will soon publish a flyer outlining a step-by-step plan for preventing data breaches wherever possible.
Data-breach Prevention Awareness
In its communication towards citizens and organizations on Bonaire, St. Eustatius and Saba, the Authority will also be raising awareness on the dangers posed by data breaches, which include not only financial risks but also identity fraud and, whenever unauthorized disclosure of medical data is involved, psychological effects. It is important for organizations as well as citizens to be aware of the dangers posed by data breaches and know how to prevent and mitigate these to the fullest extent possible.
The Authority is an independent body, consisting of Mr. Glenn Thodé (chair), Mrs. Esther Pourier-Thodé (vice chair) and Mr. Jacques van Eck (member), supervising the processing (including storage and use) and the (organizational and technological) protection of personal data. On its website, www.cbpbes.com, the Authority posts information with the aim of bringing the subject of personal data protection to the general public. For any questions on how personal data should be handled or to report a data breach, please contact the Secretariat at firstname.lastname@example.org or by phone at +599 7159114.