The Healthcare Sector Seminar, held on October 22 and jointly organized by the Ministry of Industry, Innovation, Science and Technology and the Office of the Data Protection Commission, marked a pivotal moment for Barbados’ healthcare industry. The event, attended by a diverse group of stakeholders including the Barbados Drug Service, public and private pharmacies, medical practitioners, and ancillary healthcare providers, focused on reinforcing data protection and cybersecurity obligations within the sector. Minister of Innovation, Industry, Science and Technology Senator Jonathan Reid opened the seminar with a personal reflection on the importance of safeguarding patient information. He highlighted a common issue in healthcare settings: the repeated collection of personally identifiable information (PII), which increases risks of human error, unauthorized disclosure, and data misuse. This practice, as outlined in the Barbados Data Protection Act (2019-29), violates the principles of data minimization and purpose limitation. The seminar emphasized the need for healthcare organizations to transition from awareness to actionable compliance. Data Commissioner Lisa Greaves detailed the statutory obligations under the Act, stressing the importance of written policies, risk assessments, and the appointment of a Data Privacy Officer. She clarified that while healthcare data is not explicitly categorized as ‘sensitive’ under the Act, it must be treated as high-risk due to its deeply personal nature. Legal and Data Privacy specialist Jabarry Garnes introduced the concept of Privacy by Design, advocating for the integration of privacy protections into healthcare systems from the outset. Patricia Rowe-Seale, the government’s chief information security officer, addressed cybersecurity risks, emphasizing the need for continuous monitoring and layered defense strategies. The seminar concluded with a call for healthcare organizations to adopt compliance, privacy-focused design, and cybersecurity resilience as interconnected priorities. The road ahead presents challenges, including resistance to change and the adoption of formal privacy programs. However, the event signaled the beginning of a transformative journey toward modern, compliant healthcare practices in Barbados.
Healthcare data protection in Barbados: Seminar signals shift from education to enforcement
