|Recent Changes in the Data Protection Law with respect to Dubai International Financial Centre
The Dubai International Financial Centre is governed by Data Protection Law No 1 of 2007, which is currently in the process of being overhauled. The proposed law has already been released for public consultation and will be enacted soon.
The critical aspects of the legislative proposal include:
SKP has been helping clients across the globe to ensure a successful and hassle-free GDPR compliance through a four-step approach:
- Realigning the current law from being purely EU-focused to global by incorporating international data protection standards, including elements of the EU General Data Protection Regulation and the California Consumer Privacy Act;
- Expanding the compliance framework and safeguards to include principles of accountability, jurisdiction, data breach notification, prior consultation, and data protection officer appointments;
- Providing for clarity on consent and data subjects’ rights concerning advance technology developments; and
- Revision of powers of the Commissioner of Data Protection, administrative requirements, and sanctions/enforcements.
Discover - Identify the type and location of personal data
Manage - Govern how personal data is accessed and used
Protect - Advise on establishing security controls to prevent, detect, and respond to vulnerabilities and data breaches
Report - Maintain required documentation and manage data requests and breach notifications
As a result of in-depth understanding and expertise over the subject matter, SKP's team is in a position to clearly explain the changes and its implications to you and help you migrate seamlessly to the new regulation.
For more information on business and regulatory environment in DIFC, please get in touch with our experts.