In April 2016 the Cayman Islands released The Data Protection Bill 2016. This bill is designed to balance the rights and duties to safeguard individual’s personal data against public authority requirements.
Essentially personal data must comply with the following principles:-
- Only be communicated if consent has been given, there is a legal obligation or where the data is required in order to meet certain conditions of contracts entered into.
- Only be obtained for one or more specific lawful purpose
- Be adequate and relevant and not excessive for the purpose obtained
- Be accurate and up-to-date
- Not be kept for longer than necessary for its purpose
- Be processed in accordance with the rights of the individual
- Be protected by technical and organisational measures against unauthorised access
- Not be transferred abroad unless the country or territory has adequate level of protection
It is not yet clear when the bill will be brought into force, but the measures suggested will be of benefit to individuals and will only enhance the reputation of the Cayman Islands who already have a reputation as one of the most robust in the world for AML compliance.