Data Privacy Day is a global effort taking place annually on January 28th that generates awareness about the importance of privacy, highlights easy ways to protect personal information, and reminds organizations that privacy is good for business.
Worldwide, data subject, data practitioners and tech enthusiasts United to commemorate the day by bringing awareness to data protection and other privacy challenges and concerns that face the world.
The Executive Director of the Data Protection Commission, Patricia Adusei-Poku, as part of the celebration of the Global Data Protection Week, started with media engagement session where she updated the media on the account of the Commission’s activities in the year 2021, in Accra, on Wednesday 26th January, 2022.
The theme for the celebration is “Transparency, Trust and Transformation in a Digitised Ghana”, the week-long nationwide awareness activities to sensitise the general public about Data Protection and Privacy, comes with different methodologies to achieve their objectives.
Ms. Patricia Adusei-Poku, explained that, the Data Privacy Day otherwise known as the Data Protection Day is a global event celebrated on the 28th of January every year to create awareness among data subjects and businesses about the importance of protecting privacy as a Fundamental Human Right.
“the main objective of the Data Protection Day is to inform and educate the public at large of their day to day rights and also provide professionals with the opportunity of meeting Data Subjects” she added
Speaking on the objectives, Ms. Patricia noted that,the Commission is working tirelessly with all its available resources sensitizing the general public on Transparency, Trust and Transformation to promote the rights of individuals as well as educate the Public and Private sector to fully demonstrate and evidence to their Data Subjects collaboratively towards the National Transformation Agenda.
She said that, “The DPC continues to engage the public-private sector through forums, workshops, webinars, and free drop-in sessions among others to create more awareness on the importance of ensuring data privacy in businesses to meet the reasonable expectation of the general public”.
Madam Adusei-Poku emphasis that,
the DPC is engaging some critical stakeholders in a collaborative effort to step up public education on the need to protect personal data, monitor the compliance status of Data Controllers. These institutions include the Ministry of Health, Ministry of Education, Controller and Accountant Generals Department, Ministry of Justice and the Attorney General’s Department, Electoral Commission together with various civil servants’ groups at the national and regional level.”
“DPC and the Internal Audit Agency have signed an MOU in a collaborative effort to train all Internal Auditors nationwide to expand the scope of the audit to include the requirements of Act 843”,she disclosed.
She stated that the collaboration will drive a nationwide adherence and consistent approach to implementation and also enable the monitoring of accountability in the processing of personal data.
“DPC to improve on its state of maturity as a newly established government institution such as enhancing the capacity of its personnel, has acquired a state-of-the-art Registration Software for more effective and efficient delivery of its mandate”, she said.
Speaking on the online registration,she noted that, Applicant Data Controllers now has a login to a profile area that provides them visibility into their registration record hence one can log in whenever, to review, amend, or update your information held. The system automatically assesses your institution’s state of compliance as you complete your form online.
Madam Patricia Adusei-Poku said, the DPC accreditation process is to ensure that the quality and standard of training is maintained nationwide. This will enable a consistent and standardised approach to the implementation of privacy programs by institutions who have understood the Commission’s mandate and expectations. They will use the official manual and deliver the same course as is being offered now.
Hence the general public should always verify that an institution is accredited by the DPC to offer data protection training to ensure the quality and standard of training will be acceptable for our compliance requirements.
She note that, in October 2020 they successfully launched the new registration software, the DPC expects all affected by the Data Protection Act 2012, (Act 843) (which is every entity in the country) to duly register and pay the required fees as a legal obligation.
Madam Patricia Adusei-Poku finally noted that,transitional provisions in Section 97 of Act 843, which stipulate that if your entity existed before May 2012, you should have registered within 3 months from August, 2012 and renewed your license 2 years.
“Newly incorporate entities should register within 20 days of the business commencement ” she said.
By: Sheila Satori Mensa