12. Information Management in the DFSA
12.1 The statutory obligation on all DFSA employees, agents and independent contractors to maintain confidentiality of information is further reinforced by requiring:
12.2 The DFSA has also adopted physical measures for management of confidential information, such as:
12.3 To ensure the confidentiality obligations in the Regulatory Law and Data Protection Law are met, the DFSA has developed policies concerning the physical management of information by employees in discharging their licensing, supervisory and other regulatory functions. The policies also prescribe procedures regarding information technology security, restricted electronic information access, physical perimeter security, securing evidence, receiving and receipting documentation and designating sensitivity classifications of information.
12.4 When the DFSA receives confidential information pursuant to its statutory powers under the Regulatory Law to compel production of information and documents, the documents are processed according to prescribed procedures. These procedures include processes for the manual and electronic receipt, storage, retrieval and return of confidential information and documents in and from an Evidence Management Facility purpose built to secure confidential information. Only limited nominated staff have access to the restricted area and the compelled documents while they remain in the custody of the DFSA.
Example: The DFSA provides receipts to authorised entities for any documents forwarded to the DFSA or which the DFSA removes during the course of an onsite inspection or visit. |