Data Handling and Protection Regulation
Regulating the Use, Storage and Processing of Data by QCB-Regulated Financial Institutions
Part A - General Provisions
Article 1 - Definitions
# | Term | Definition |
1 | (Semi-)Autonomous Decision-Making Systems | Computational systems, algorithms, or technologies that use data processing capabilities to make decisions or perform actions, either independently (autonomous) or with limited human oversight (semi-autonomous), impacting outcomes related to individuals or entities. |
2 | Bank Secrecy | As defined in QCB Law. |
3 | Data Breach | An incident where sensitive, confidential, or protected data is accessed, disclosed, or stolen by unauthorized individuals. |
4 | Data Privacy Breach | An incident where personal information is accessed, disclosed, or used by an authorized individual in ways that exceed their legitimate permissions or for purposes that are unauthorized, unethical, or illegal. |
5 | Data Mapping | A process of identifying, cataloguing, and documenting the flow of data within an organization. It involves creating a detailed representation of how data is collected, stored, processed, transferred, and shared across systems, applications, and stakeholders. |
6 | Data Privacy Officer (DPO) |