Data Protection bill passed in Barbados

Barbados has become one of the first English-speaking Caribbean countries to pass a GDPR-like data protection law. The legislation includes many aspects similar to the GDPR, including the right to access data, having data erased, and restrictions on processing. Companies also have 72 hours to report data breaches under the new law.

A key difference between the Barbados Data Protection Act and the GDPR is that the former law limits fines to about USD $250 000. Other Caribbean jurisdictions with data protection laws include Saint Vincent, Saint Lucia, Antigua and Barbuda, and Saint Kitts and Nevis – which were drafted in 2015 or earlier. The Cayman Islands also passed a GDPR-like data protection law in 2018.