Ombudsman sees 50% increase in data breaches

| 27/01/2022 | 24 Comments

(CNS): The Ombudsman’s office saw a 15% increase in data protection queries from the public during 2021, largely due to the COVID-19 pandemic and issues around vaccination status. But the office also said there was a 50% increase in the number of data breaches being reported, where personal data had been accessed, lost, altered or disclosed in an unlawful or unauthorised manner.

In a press release to mark International Data Protection Day on Friday, officials said that data protection legislation is more crucial to privacy and information rights than ever, given the onset of the Omicron variant of the SARS-CoV-2 virus.

“Our office has released public guidance within the past year on data protection issues related to employees’ Covid vaccination data,” said Deputy Ombudsman (Information Rights) Jan Liebaers. “We also continued to receive more reports of data breaches and complaints about data protection during 2021 – the second full year Cayman’s Data Protection Act (DPA) has been in effect.”

The DPA contains important rights for individuals, including the right to be informed about how personal data is being used. Individuals also have the right to request corrections to inaccurate personal data, to object to direct marketing and to request access to their personal data.

“Letting individuals know about their data rights and investigating complaints and data breaches is now the single busiest area within our office – particularly as more day-to-day commerce and public interactions have moved online in the wake of Covid shutdowns and work-from-home solutions,” Liebaers added.

The Ombudsman oversees and enforces the DPA and everyone has the right to complain to the office if they believe their data is not being processed in compliance with the Act. The Act sets the rules for the use of personal data by public and private sector organizations based on eight core data protection principles. Those cover fairness, adequacy, retention and security of personal data processing, among other requirements.

For more information, including FAQs, guidance and other resources concerning data protection rights and obligations visit the website here or send questions to

Share your vote!

How do you feel after reading this?
  • Fascinated
  • Happy
  • Sad
  • Angry
  • Bored
  • Afraid
Print Friendly, PDF & Email

Tags: , , ,

Category: Government oversight, Politics, Private Sector Oversight

Comments (24)

Trackback URL | Comments RSS Feed

  1. Anonymous says:

    Would be interested to find out how many times data has breached by government agencies to CMR.

  2. Anonymous says:

    Who is the new ombudsman?

    • Anonymous says:

      There is an ongoing competition.

    • Anonymous says:

      Who cares. They don’t do shit, in part because the law is not adequate. It is all smoke and mirrors to pretend there is oversight of an increasingly reckless and wasteful civil service. Governance without accountability. That’s what we have, and what we are doomed to keep.

  3. Anonymous says:

    This is 20th on your list of top 10 problems.

  4. Anonymous says:

    Yea yea…govt can do anything and get away with it…zzzzzzz

    • Anonymous says:

      9:29 I suspect these breaches were in the private sector. I can only imagine what would happen if the private sector was subject to FOI.

      • Anonymous says:

        The private sector is subject to the Data Protection Law…private sector companies must report personal data breaches and many do.
        You want a copy of your personal data held by a private company? You can request it.

  5. Anonymous says:

    Just a talking shop with no teeth. Staffed by good people who want the best, but not given the power to hold departments to credible account or specific individuals involved unless corruption can be proven and the ACC or police get involved.
    A telling off is about as good as it gets so until charges of misconduct are brought against those who deliberately abuse the law, nothing will change.

    • Anonymous says:

      Good people? To start, yes, but at what point do they become enablers? At what point are they facilitators of all that is going wrong?

      • Anonymous says:

        When they’re not given the authority to stop the transgressions that are happening under their noses and act against those responsible.
        Sadly, that becomes the enabling process of which you speak.

        • Anonymous says:

          But when they do not shout from the rooftops that their hands are tied, and despite their efforts, the shit-show continues, they eventually become complicit. They have to protect their unfunded pension and healthcare, after-all.

  6. Anonymous says:

    The breaches have always been there but now that there is a mandatory reporting requirement they are slowly coming to light. The problem is that many companies still ignore or purposefully hide breaches (even law firms) because they are embarrassing and cost money to deal with in serious cases.

  7. Anonymous says:

    We really don’t care. You should be focusing much more on good governance, something that is sorely lacking, and much more important than an accidentally mis-sent e-mail. When is your office going to hold anyone in the civil service accountable, for anything?

    • Unhappy Caymanian says:

      You will care when your data is used for financial fraud or any other fraud.

      I’ll see how funny you think loosing your home is at that point or when the police come knocking at your door.

      LOL funny isn’t it!

      • Anonymous says:

        No I care because I believe the police have a corruption and ineptitude problem, the civil service have a spending money and ineptitude problem, and the entire Cayman government seems to have an accountability problem. Pension monies are freely stolen by unscrupulous employers. Lives and careers are already being lost, and my home (and yours) is being bankrupted. The Ombudsman’s office is the watchdog. It is failing to have any meaningful effect. So yes, there are MUCH more important things than a mis-sent email for them to be focusing on.

  8. Anonymous says:

    mUcH Digital Identify cards BOBO

  9. Anonymous says:

    Those of us that are vaxed have a right to know who isn’t

  10. Anonymous says:

    CIG sloppy and careless with protection of personal data and leaking confidential information, which is protected as fundamental human right to privacy.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.