Press Release: GMSA and Ernst & Young Services Limited Join Forces to Prepare Businesses for Regulatory Changes, Ahead of Guyana’s Data Protection Act
Georgetown, Guyana, January 19, 2024 – The Guyana Manufacturing & Services Association (GMSA) collaborated with Ernst & Young Services Limited on Thursday, January 18, 2024, to host an enlightening event centred around data privacy. The interactive session, facilitated by key players in technology consulting and global compliance from Ernst & Young (EY), aimed to prepare businesses for the impending enforcement of the Guyana Data Protection Act 18 of 2023 and the establishment of a Data Protection Office.
The event welcomed both in-person and virtual attendees, with the GMSA ICT Sub-Sector Chairman, Chet Bowling, emphasising the critical importance of prioritising data privacy in day-to-day business operations. The chairman set the stage for the engaging session that followed, articulating why businesses should make data privacy a top priority.
Privacy Explained
The event featured insights from the Executive Director and Cybersecurity Lead at EY Trinidad, Anil Persad, who delved into the fundamental concepts of privacy. Attendees gained a comprehensive understanding of the principles underlying data protection, setting the stage for the subsequent discussions on compliance. “Concerns about personal data protection and the ways companies use personal information to power the digital economy are driving lawmakers and regulators to ramp up data privacy and protection laws, revise statutes, and debate new rules,” said the Executive Director.
Navigating the Data Protection Act: Key Players and Responsibilities
Candace Lopez, Global Compliance EY Law (Guyana and Trinidad), provided a detailed overview of key terms and responsibilities outlined in the Guyana Data Protection Act 2023. Emphasising the role of the data controller, she explained that the data controller is any person (individual or a corporate body) or public authority who determines the purpose for which personal data is or should be processed, or any person (natural or legal) on whom the obligation to process data is imposed by or under any law. Candace noted that the responsibility lies with the data controller to demonstrate compliance with the Act’s provisions regarding data processing practices.
Preparing for Compliance: A Roadmap for Businesses
After an overview of the Data Protection Act’s specifics, businesses were guided on the next crucial steps towards compliance. Justin Morin, Executive Director, Technology Consulting of EY Jamaica, underscored the urgency for companies to act promptly. Justin outlined a comprehensive roadmap, highlighting the need for businesses to:
- Allocate resources to define a privacy program that complies with the law and generates value.
- Consult a privacy practitioner for expert guidance.
- Sensitise staff about the significance of privacy in their roles.
The Executive Director stressed the need for businesses to integrate privacy best practices and operate with privacy as the new normal.
Looking Ahead: Privacy as the New Normal for Businesses
The event reinforced the idea that privacy should be ingrained in the fabric of business operations. Operating with privacy as the new normal was highlighted as a key takeaway for all businesses, preparing them to navigate the evolving landscape of data protection regulations.
The collaboration between GMSA and Ernst & Young Services Limited showcased a commitment to fostering awareness and readiness among businesses as they braced for the Guyana Data Protection Act. This event is the beginning of a series of initiatives aimed at equipping businesses with the necessary tools and knowledge to protect customer data and comply with data protection regulations. It serves as a testament to the proactive approach needed to navigate the evolving landscape of data privacy.
-END-