top of page
Bermuda flag waving.jpg

Week 1: Feb 5, 2024

  • Activity: CEO Endorsement Letter Available

​

​

​

​

​

Week 2: Feb 12, 2024

  • Activity: Designate a Privacy Officer (PO), Monitor privacy compliance, foster a culture of privacy.

​

​

​

​

amerika_bermuda_pink_sands_horseshoe_beach_shutterstock_104381525.jpg

Week 3: Feb 19, 2024

  • Activity: Conduct all staff training on Privacy basics.

​

​

​

  • Event: Coming in March 2024! PIPA Unveiled

46768332064_e911e930f5_b.jpg

Week 4: Feb 26, 2024

  • Activity: Create a list of business units.

​

​

  • Resource: How Investing in a Privacy Program Pays Off

​

​

​

Week 1 - 4
Bermuda_Bermuda Botanical Gardens_edited.jpg

Week 5: Mar 4, 2024

Barrs Bay.jpg

Week 6: Mar 11, 2024

EAfn3MwWkAYPIGJ.jpg

Week 8: Apr 1, 2024

Week 5 - 8
Easter Kites.jpg

Week 9: Apr 8, 2024

Activity: Identify the purposes for which you use Personal Information?
 

Tool: PrivCom Checklist
 

Resource: Purpose Limitation
 

Event: Commissioner White visits IAPP Global Summit 2024

​

​

Lilium_longiflorum_(Easter_Lily).JPG

Week 10: Apr 15, 2024

Activity: Review the meaning of 'Sensitive Personal Information'.
 

Tool: Data Map - What Personal Information Do You Hold?
 

Resource: Sensitive Personal Information.
 

Event: Deputy Commissioner: Angie Farquharson

​

unfinished-church-st-george-bermuda.jpg

Week 11: Apr 22, 2024

Activity: Review appropriate conditions for using personal information
 

Tool: Conditions for using personal information: Scenarios
 

Resource: Conditions For Using Personal Information
 

Event: Questions for Commissioner White submissions - closed

EmIrEpeWoAABXxg.jpg

Week 12: Apr 29, 2024

Week 9 - 12
Bermuda.jpg

Week 13: May 6, 2024

Activity: Raise awareness by discussing the risks & harms of misuse of personal information at a general staff meeting

​

Tool: Privacy Risk Threshold
 

Resource: What's the harm if personal information is misused?
 

Event: Privacy Pro Information Session

​

​

​

​

Week 14: May 13, 2024

Activity: Ask members of the Privacy Committee to identify potential risk of unauthorised use or access to personal information

​

Tool: Privacy Impact Questionnaire
 

Resource: How The Privacy Pro does PIAs

​

Event: 'Road to PIPA' Survey

​

​

​

​

Jet-Blue-Bermua-1024x683.jpg

Week 15: May 20, 2024

Activity: Identify controls to mitigate risk and ensure the business purpose can still be accomplished.

​

Tool: Security Safeguards
 

Resource: The 8 themes of IASME Cyber Baseline
 

Event: PIPA Compliance facilitated by Duncan Card of Appleby Global

​

​

​

SPC-Aug-22-2048x1208.jpg

Week 16: June 3, 2024

Activity: Work with Privacy Committee to set a realistic timeline for implementing controls needed to mitigate risk

​

Tool: Privacy Impact Assessment findings and Mitigation Plan
 

Resource: Mid-Atlantic Privacy: Our Community Needs a Data Protection Social Contract
 

Event: Privacy Impact Assessments: Dr Marissa Stones

​

Week 13-16
IMG-20220618-WA0008.jpg

Week 17: June 17, 2024

Activity: Identify common scenarios where security might be breached & use the PIA to assess how this might affect both the individuals and the business

​

Tool: What happens if there is a breach?
 

Resource: Revisit Risk Assessment resources - Weeks 13 - 16
 

Event: Policy Writing & Record Keeping for PIPA - hosted by Data Protection People.

​

​

​

​

​

1687803486005.png

Week 18: June 24, 2024

Activity: Work with Privacy Committee members to create procedures for their units/processes using information from the data life cycle

​

Tool: HR Privacy Policy & Procedure Checklist

​

Resource: Maintaining privacy in email communication

​

Event: KPMG Webinar 1: Implementing Privacy Programs – Common Pitfalls and Pain Points, 28 June 10.30-11.15am AST

​

​

​

​

blue-marlin-bermuda-fishing-leaping-water-1024x768.jpg

Week 19: July 1, 2024

Activity: Document internal procedures for staff

​

Tool: Internal Privacy Procedures Template
 

Resource: Q3 Checklist
 

Event: Policies and Procedures with Nancy Volesky (youtube.com)

​

​

​

​

​

​

​

​

Bermuda-Pink-Sand-Beach.jpg

Week 20: July 8, 2024

Activity: Create a retention & destruction schedule:

  • How long does each unit need to retain PI?

  • Are there legal requirements besides PIPA

​

Tool: Data Retention & Destruction Schedule Template 

​

Resource: PIPA, Bermuda’s privacy law

 

Event: KPMG Webinar 2: Deep Dive: PIPA vs GDPR – 15 July

​

​

​

​​

Week 17-20
CupMatchCover1.jpg

Week 21: July 15, 2024

Activity: Hold a Staff Training Event

​

Tool: Revisit Policies & Procedures Tools Wks: 18-20
 

Resource: GPEN Press Release
 

Event: Navigating PIPA Compliance: Royal Hamilton Amateur Dinghy Club

​

​

​

​

​

download.jpeg

Week 22: Aug 12, 2024

Activity: Develop role-based training for individual staff that use personal information in the workplace. Make sure that training is: 

* Targeted

* Practical

* Actionable

​

Tool: Training vs Awareness

​

Resource: Guidance: Privacy in the Workplace

​

Event: Lightning Talk - Duncan Card: Partner - Appleby (Bermuda) Ltd

​

​​​

_SEL0017-min.jpg

Week 23: Aug 19, 2024

Activity: Conduct Role-Based Training. Remember, it needs to be:

*Targeted

*Practical

*Actionable

​

Tool: Employee Scenario
 

Resource: Protecting Personal Information in the Medical Field
 

Event: Road to PIPA: Weeks 1-21 Overview

​

​​​​​​

​

​

Bermuda-for-Kids-1-1024x764.jpg.webp

Week 24: Sept 2, 2024

Activity: Staff may be able to describe aspects of their work that the Privacy Committee are unaware of. Adapt procedures as needed!

​

Tool: Staff training feedback questionnaire

​

Resource: 

 

Event: KPMG Webinar 3: Deep Dive: Data Mapping & RoPA :Road to PIPA webinar 3: Deep Dive: Data Mapping & RoPA​​​​​

Week 21-24
bottom of page