As Jamaica continues its recovery from the devastating effects of Hurricane Melissa, the Office of the Information Commissioner (OIC) is signaling its ongoing support for organisations struggling to maintain data protection standards during this turbulent period.
Bobique Brown, Communication and International Relations Manager at the OIC, stated that the agency remains fully engaged in providing practical support to data controllers whose digital infrastructure has been disrupted. She emphasized the importance of balancing disaster recovery efforts with core responsibilities under the Data Protection Act.
“We know many entities are operating below capacity, with compromised systems and weakened security layers,” Brown said. “Our role is to ensure they can still meet the basic thresholds of privacy protection — even with temporary fixes or manual fallback methods.”
Brown pointed out that the agency is particularly concerned about the increased vulnerability of personal data in these conditions. Damaged servers, unprotected backups, and ad hoc processing methods can all heighten the risk of breaches or misuse. She urged organisations to treat data privacy as a moral duty, especially in moments when citizens are already facing hardship.
“Privacy isn’t just a legal checkbox — it’s a form of respect. And in times of national difficulty, protecting that privacy becomes a reflection of trustworthiness and professionalism,” she asserted.
The OIC also reminded data controllers that the current registration year ends on November 30, 2025, with the 2025/2026 registration cycle beginning December 1. Entities unaffected by the storm are encouraged to initiate or complete their registration process without delay. Meanwhile, those impacted by the hurricane are advised to register as soon as their systems stabilize.
Brown reiterated that registration is not merely a formality, but a core component of organizational transparency and accountability under Jamaica’s data governance framework.
The OIC has opened its doors for consultation with affected institutions seeking guidance on interim protection strategies, breach response protocols, or registration compliance during recovery. The agency is prioritizing a pragmatic, risk-based approach to enforcement in the wake of national disruptions — while still upholding the fundamental rights of individuals to data privacy.
Organisations in need of advisory support may contact the Office for further assistance as they navigate both regulatory obligations and operational rebuilding in the months ahead.
