Srikant Ranganathan addressed the Bahrain Chapter of the Institute of Chartered Accountants of India (BCICAI) on Bahrain’s upcoming personal data protection law (PDPL) on 26 February. Speaking to a packed audience at the BCICAI’s ‘High Tea’ event, Srikant explained that Bahrain had released Law 30 of 2018, the Personal Data Protection Law (PDPL) in July 2018, with the PDPL coming into force on 1 August 2019. The PDPL gives individuals and entities in Bahrain rights in relation to how their personal data can be collected, processed and stored. It imposes new obligations on how businesses manage data. Under the law, personal data must be processed ‘fairly’. Data owners must be notified when their personal data is collected and processed. Personal data must be stored securely. Data owners can exercise their rights directly with businesses. The PDPL also requires entities to seek prior approval from the relevant data protection authority (DPA) when collecting, processing and storing personal data. In a striking contrast to the EU’s recently implemented GDPR, the PDPL includes severe penalties (including jail time) for non-compliance.
Keypoint was one of the first professional firms in the region to understand and highlight the challenges that personal data requirements – whether the EU’s GDPR or Bahrain’s PDPL – will have on Bahraini businesses. For more details on how our data privacy team can help you, or to request a gap assessment, contact Srikant Ranganathan at firstname.lastname@example.org.