Compliance with principles and security obligations
Emergency Powers legislation has given additional powers to Tynwald, the police and government departments to manage the COVID-19 crisis, protect the public, maintain essential public services and implement assistance packages for businesses, etc.
Other existing legislation and legal obligations continue to apply and the data protection legislation provisions are unchanged.
Controllers must continue to comply with the data protection principles and ensure the security of personal data.
In addition, controllers must implement appropriate technical and organisational measures to ensure, among other things:
- the ability to ensure ongoing confidentiality, integrity, availability and resilience of processing systems and services
- the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
Guidance is available at:
Exemptions from complying with the principles are restricted to those specified in Schedule 9 to the GDPR and LED Implementing Regulations