To enhance innovation and digital trust  Transportation, Communications and Information Technology issues a Personal Data Protection Policy

To enhance innovation and digital trust Transportation, Communications and Information Technology issues a Personal Data Protection Policy

August 11, 2024

The Ministry of Transport, Communications and Information Technology recently issued a Personal Data Protection Policy, which seeks to establish a set of controls to protect personal data, including its processing, storage, disclosure, access, modification, review and destruction.

 

Policy Objectives

 

The policy aims to benefit from the value of personal data as an economic resource that contributes to economic transformations and supports innovation in various sectors and improves the data owner's confidence in the ability of government units to act and deal with personal data in a safe manner that adheres to laws and policies. It also aims to apply the best international practices in the field of personal data protection and enhance the value derived from it in improving performance and productivity, facilitating the provision of public services to citizens and finding a balance between the rights of individuals to protect their personal data and the need to process and use data in cyberspace.

 

 

Policy Provisions

 

This policy stipulates the obligation to protect and collect personal data and information through legitimate and fair means; The collection shall be limited to what is necessary to meet its legal requirements or related to its direct practical activity; with the necessity of ensuring that the person concerned with the personal data has knowledge and has expressed his consent to the processing of his data, and that the consent shall be in the form of a statement stating that by submitting a request to obtain the service, he agrees to the processing of his data or its disclosure to other government units in the Sultanate of Oman for the purpose of meeting his current and future requests for government services.

 

Security measures

 

The policy also requires government units that request or process personal data and information to implement security and organizational measures capable of protecting the data from unintended or unauthorized destruction, accidental loss, or any other forms of processing; and the necessity of putting in place adequate security precautions for all systems and storage media concerned with dealing with data to prevent any type of hacking, including processing personal data within the geographical borders of the Sultanate of Oman to ensure the preservation of national sovereignty over this data and protect the privacy of its owners, and the correct mechanism for dealing in the event of any leakage, damage, or hacking of personal data.