The Data Protection Authority CBP-BES, which is charged with monitoring and enforcement in relation to the processing of personal data by the public and private sectors in the Caribbean Netherlands, has found during an audit that the Shared Service Organisation of the Caribbean Netherlands SSO-CN is not properly processing documents with personal data via its internal network.
The network is accessible to everyone who works at the National Department for the Caribbean Netherlands RCN.
The CBP-BES discovered protection and security deficiencies in relation to certain digital files. The investigation focused on four aspects of personal data processing: how carefully and properly the personal data is processed, what the purpose of the processing is, what the grounds for the processing are, and how the security of personal data is guaranteed.
The CBP-BES assessed its findings based on the standards laid down in the Personal Data Protection Act BES and concluded that these standards were not being complied with.
The report, including recommendations, has been sent to the director of SSOCN. The organization must implement suitable technical and organizational measures to ensure the adequate protection and security of personal data. CBP-BES also recommended drawing up a protocol so that timely action can be taken in the event of a data leak.
The Data Protection Authority said it was “positive” about the steps that SSO-CN has already taken to ensure that personal data is processed as safely as possible, and said it is “confident” that SSO-CN will implement all recommendations by the agreed deadline.
“The actions are not only aimed at creating a safe and better-protected platform but also focus on a shared vision of the use of the network by government departments in the Caribbean Netherlands,” according to CBP-BES secretary Roella Pourier.
The Daily Herald.