Personal Information Data Privacy

by Bill Grieve

Tue, 04 April 2023

Personal Information Data Privacy

Who has your personal information data and what are they doing with it?

Bahrain This Month’s Bill Grieve delves into Personal Data Privacy and looks at who safeguards personal data, what safeguards individuals can take and what to do if you suspect the law(s) regarding your personal data have been breached or broken in Bahrain. Speaking to Yaqoob K. Alrayes the Data Protection Guardian – Information Security Department – Governance, Risk, and Compliance Unit with a leading financial institution, BTM provides some additional guidance on this delicate and sensitive issue.

What is Personal Data?
Personal data refers to any information in any form concerning an identified individual, or an individual who can, directly or indirectly, be identified.

In Bahrain it has become all too common to share sensitive personal data across methods like Whatsapp, Messenger, Airdrop, Email and even just by allowing photographs or scans of confidential documents to be taken. This is seriously advised against, and people are cautioned – do not share your information “willy nilly”. Sharing information recklessly and without safeguards or assurances puts the identity of an individual at high risk and places the individual in potential jeopardy.

Always keep your personal data and documents safe and guarded. If storing information on a computer or PC, ensure that a secure digital vault or encrypted drive is used, on a phone use whatever software can be obtained and afforded to keep the phone secure, and personal data and photographs/documents stored securely.

When personal information or data needs to be shared always check that the company has an approved and up to date Data Privacy Policy, always check that the individual you are giving your information to has the authority and responsibility to receive and be in possession of your information. Remember a lie travels around the world before the truth can put its shoes on in the morning.

In today’s digital age, sharing personal data with companies has become a widespread practice. Whether it’s signing up for a new service or making an online purchase, we often find ourselves sharing our personal data with companies. However, it’s crucial to take safeguards to protect personal data when sharing it with companies.

The first step to safeguarding personal data is to read the company’s privacy policy before sharing any data. It is essential to understand how the company will use your data, who they will share it with, and what safeguards they have in place to store and protect it. This information will help you make an informed decision about whether to share your personal data with the company or not.

When sharing personal data, only provide the necessary data required to receive the service or product you need. Avoid sharing sensitive data such as your CPR number, driver’s licence, or bank account details unless it is absolutely necessary.

Use a secure internet connection when sharing personal data online, and avoid using public Wi-Fi networks, which may be unsecured and vulnerable to hacking. Look for the padlock icon or ‘https’ in the website address to ensure that the connection is secure.

Check whether the company has agreements with third-party service providers and how they handle personal data. Ensure that the third-party providers have adequate security measures in place.

If possible, opt-out of data sharing or marketing communications when sharing personal data with a company. It’s also essential to keep a record of the companies you have shared your personal data with and the data you have shared. Regularly review your privacy settings and delete any unnecessary data.

In conclusion, safeguarding personal data when sharing it with companies is crucial in today’s digital age. By following these safeguards, individuals can protect their personal data from misuse or compromise and minimise the risk of identity theft or other cyber threats.

The Bahrain Government formed the Personal Data Protection Authority (PDPA) and promulgated laws, specifically Law No. (30) of 2018 on 19 July 2018, with respect to personal data protection. The Law aims to protect the rights and freedoms of individuals and their personal data, by establishing a legal framework that defines the methods and means of processing data in a way that gives individuals confidence in all matters concerning their data handled by companies and organisations, and to be managed in an accurate, up-to-date, and secure manner.

The Law came into effect on 1 August 2019. The Ministry of Justice, Islamic Affairs and Waqf was designated, by Royal Decree No. (78) of 2019, to assume the duties of the Personal Data Protection Authority (PDPA).

If you feel your personal data or information may have been compromised, you can report it to the PDPA – see more about the Personal Data Protection Authority by visit below link

Be careful with your information – information you share may be used nefariously and your identity, bank accounts and assets may be put in danger and at risk if you are not careful.