Office of the Information Commissioner

(Not yet operational)


Office of the Information Commissioner 

The Office of the Information Commissioner is responsible for the protection of citizens’ personal data that is held by a public body. The Commissioner conducts audits and investigations and ensures compliance with any provision of the Data Protection Act (Chapter 22:04). 

Objectives

  • The Office advises on the privacy protection implications of proposed legislative schemes or government programmes and receives representations from the public concerning data protection and privacy matters.
  • After hearing representations from the Head of a Public Body or an organisation subject to a mandatory code of conduct and who may be engaged in processes that may be in contravention of the Data Protection Act, the Office orders the public body or organisation to cease collection practices or destroy collections of personal information that contravene the Act.
  • The office can authorise the collection of personal information otherwise than directly from the individual in appropriate circumstances; authorise data matching by a public body or public bodies; make orders, including such terms and conditions as the Commissioner considers appropriate, following an appeal or complaint filed by an individual pursuant to section 58, 78 or 79A of the Data Protection Act. 
  • The Office can make orders regarding compliance with the General Privacy Principles set out in section 6 of the Data Protection Act by a public body or an organisation subject to a mandatory code of conduct.

Functions

  • (i) To publish guidelines regarding compliance with the Data Protection Act, including but not limited to guidelines on the development of industry codes of conduct, firm compliance policies, procedures for handling complaints, guidelines dealing with conflict of interest for industry bodies or individuals who mediate or deal with complaint resolution, guidelines dealing with security of information and information systems, and guidelines for information sharing agreements or data matching agreements.

  •  (ii) Exercise his corporate powers in relation thereto in such manner as he thinks fit, in accordance with the Act.
  •  (iii) Make such administrative arrangements as may be necessary for the proper conduct of his functions; and exercise such other powers as may be assigned to him under any other written law.

Responsibilities 

  •  (a) Promote the development of codes of conduct for guidance as to good practice
  • (b) Promote the adherence to good practices by persons subject to this Act

  •  (c) Disseminate information about this Act
  •  (d) Monitor compliance with this Act
  • (e) Co-operate with counterparts in other jurisdictions to promote the protection of personal privacy in the public and private sectors
  •  (f) Carry out special studies or research regarding privacy or related issues
  • (g) Bring to the attention of the head of the public body or organisation subject to a mandatory code of conduct any failure to meet the standards imposed by the General Privacy Principles set out in section 6 of the Data Protection Act or the responsibilities established by Part III and Part IV of the Act
  •  (h) Issue public reports on the status of compliance with the Act
  • (i) Review and approve privacy impact assessments as required by the Act and
  • (j) Exercise such other functions that may be assigned to him under any other written law.

Location

The Information Officer is currently located at Ministry of Communications, TIC Building, Lady Young Road, Morvant.