Steps towards compliance

Fundamental changes to the data protection compliance regime have been introduced with the new Isle of Man data protection law.  All organisations will need to take steps to familiarise themselves with the new law, including the principles, the requirement for accountability and the ability to demonstrate how they are complying with the law.  In addition, there are enhanced and new rights for individuals, this includes the right to be provided with comprehensive and clear information about the processing of their personal data. 

To be in a position to comply with the obligations, controllers should take steps towards achieving compliance including:

Organisations must be in a position to explain to individuals exactly why their personal data is needed, the lawful reason for doing so and if necessary why it must continue to be processed. They should start, and continue, to review and analyse:

The Commissioner has developed guidance to assist controllers and processors move towards compliance with the new regime.