DPMAS· Data Privacy and Management Advisory Services
DPMAS · BARBADOS · MMXXVI
Barbados DPA 2019-29

A Caribbean privacy, cybersecurity, and AI governance practice.

Anchored in the Data Protection Act 2019-29 (Barbados).

DPMAS advises Caribbean boards, regulators, and operators on the implementation work that turns the Act from a published statute into a working regime — privacy, cybersecurity, and AI governance, at practitioner level.

Engage the practice Read CyberPulse
I. What we do

Four pillars, one practice.

Independent advisory across the lifecycle of data and digital risk in the Caribbean.

i.

DPO-as-a-Service

Outsourced Data Protection Officer cover for organisations that need statutory accountability without a full-time hire.

More on the lead product →
ii.

Data Protection Compliance

DPA 2019-29 readiness — DPIAs, records of processing, breach response, and the policy infrastructure that makes them defensible.

Read the approach →
iii.

Cybersecurity Advisory

Board-level security posture, vendor and third-party risk, and incident-readiness review — calibrated to the threat surface a Caribbean organisation actually faces.

Read the approach →
iv.

AI Governance & Readiness

Structured assessment and oversight for organisations preparing for sovereign AI deployment — governance before procurement, not after.

Read the approach →
II. Where we work
Financial Services·Government·Telecommunications·Healthcare·Education·Media
III. The practice

A serving practitioner — not an agency.

DPMAS work is led by Steven A. Williams, with engagement teams assembled to the file.

Steven A. Williams

Principal · Consulting Data Privacy and Cybersecurity Officer

Steven advises Caribbean boards and regulators on data protection, cybersecurity, and AI governance. He has contributed to the Barbados Draft Cybercrime Bill, spoken at the Guyana National Democratic Institute and CyberSummit Barbados, and worked across Caribbean media for three decades — a track record that informs how DPMAS communicates risk to non-technical executives and to the public.

Read the full practice profile
IV. Editorial

Reading the regime from inside the file.

A working column, not a content programme.

CYBERPULSE

A column in Barbados Today

Privacy, cybersecurity, and digital sovereignty — read from the practitioner's desk.

CyberPulse is Steven's standing column on the implementation realities of the Data Protection Act 2019-29, Caribbean cyber posture, and the policy infrastructure that the region is still building. Written for executives, regulators, and the engaged public — without the boosterism.

Published in Barbados Today Read the archive →
V. Engage

Three ways to start.

Each path opens with a conversation. Pricing follows scope, not the inverse.

I.

AI Readiness Assessment

A structured DPMAS engagement for organisations preparing to deploy AI — governance, data-flow mapping, and risk artefacts that survive procurement and audit.

Open the conversation →
II.

DPO Retainer

Ongoing Data Protection Officer cover under a fixed monthly retainer — board-level reporting, regulator interface, and statutory accountability without a full-time hire.

Enquire about the retainer →
III.

Project Engagement

Scoped advisory — DPIA, compliance gap review, breach response support, board briefing, cybersecurity posture review. Fixed scope, fixed fee.

Scope a project →

Or write to Steven directly.

Email is the fastest path. A short note describing the file and the deadline is usually enough to determine whether a conversation makes sense.

Principal Steven A. Williams · DPMAS Office #14 Bannatyne Gardens, Christ Church, Barbados Direct T 246.233.0090
E steven@dataprivacy.bb