Brown urges faster cybersecurity legislation after reported NHF cyber incident

Jamaica's Opposition spokesman on science, technology, and digital transformation, Christopher Brown, is pressing the government to accelerate the introduction of cybersecurity legislation. This call comes in the wake of a reported cyber incident involving the National Health Fund (NHF), which Brown argues underscores the critical need for immediate action. Brown stated that the NHF incident highlights the urgent necessity for a comprehensive Cybersecurity Act, emphasizing that the legislation should be tabled this year rather than postponed until 2027. He noted that Health and Wellness Minister Dr. Christopher Tufton confirmed that individuals claiming to have accessed sensitive NHF information had contacted the agency. Although the alleged breach is still under investigation by the Office of the Information Commissioner and the Major Organised Crime and Anti-Corruption Agency (MOCA), Brown pointed out that the reportedly compromised data includes sensitive beneficiary and medication details. "The NHF incident underscores precisely why that legislation can no longer be delayed," Brown asserted in a statement. He previously warned Parliament about Jamaica's urgent need for a Cybersecurity Act to establish minimum security standards, accountability frameworks, and enforcement mechanisms for government entities. Brown also cited government figures indicating a dramatic rise in cyber incidents, from approximately 12 million in 2022 to 49 million in 2025, reflecting a rapidly escalating threat environment targeting public institutions and citizens' personal data. Brown argued that Jamaica currently lacks a dedicated legislative framework compelling public bodies to meet baseline cybersecurity standards before breaches occur. He believes the government's projected timeline for introducing cybersecurity legislation in 2027 is inadequate, given the recent developments and the escalating threat landscape. He renewed his call for the government to fast-track the drafting and tabling of a Cybersecurity Act, warning that delays leave citizens, institutions, and the nation's digital infrastructure unnecessarily vulnerable to cyber threats.

“

The NHF incident underscores precisely why that legislation can no longer be delayed.