OHCSF urges MDAs to comply with new data protection requirements deadline

0
95

By Ijeoma Olorunfemi

The Office of the Head of Civil Service of the Federation (OHCSF)had issued a Guideline on Personal Information Technology Devices (PITeD) provision and usage for Ministries,Departments and Agencies (MDAs),calling for compliance.

Mr Babatunde Bamigboye, Head, Legal Enforcement and Regulations of the Nigerian Data Protection Bureau (NDPB) said this in a statement issued on Friday in Abuja.

Bamigboye said the guideline sought to foster strict adherence to government policies and global best practice in respect of data protection.

National growth LS

“The guideline also provides clarity on the legitimate uses required on the part of users and the consequences of breaching the provisions of the Guideline,among other provisions.

“Each MDA shall ensure that the usage of PITeD is consistent with Nigeria Data Protection Regulation(NDPR) and any regulatory instrument on data privacy and protection in Nigeria.

“The measures to be taken by each MDA for the purpose of data protection and accountability shall include but not limited to designation or appointment of a suitable officer within the MDA as a Data Protection Officer (DPO).

“Development of a Data Protection Policy in line with NDPR and other applicable regulatory instruments on data privacy and protection,” he said.

Bamigboye further said that the guideline required forwarding of the contact details of the data protection officer to the Office of the Head of Service and the NDPB.

It will be recalled that the Secretary to the Government of the Federation, Mr. Boss Mustapha, recently issued a service-wide circular directing MDAs to comply with the provisions of the NDPR.

Dr Vincent Olatunji,National Commissioner of NDPB,was quoted as commending the OHCSF for the effort.

He said that the effort by the Federal Government was a clear demonstration of commitment to fundamental rights and freedoms which were often impacted by data processing.

Olatunji,however, announced the extension of time for data controllers and data processors to comply with the earlier notice on National Data Protection Adequacy Programme (NaDPAP) Whitelist as a way of encouraging MDAs.

According to him, the deadline for the submission of details of Data Protection Officers,Contacts, among others, has now been shifted to January 20, 2023.

Olatunji added that Data Controllers and Processors who submitted before the initial deadline of Nov. 25 had been awarded full marks of ten points under Accountability Metrics and Responsiveness to Regulatory Processes.

He said: “This represents ten per cent of the total number of scores to be awarded in order to be eligible for inclusion on the NaDPAP Whitelist.

“The Bureau will also evaluate data controllers and data processors on other performance metrics including but not limited to Implementation of NDPR Compliant Privacy Policy.

“They will also be evaluated by their sensitisation of Data Subjects on Data Subjects Rights,Filing of Annual Compliance Audit Returns and Globally Acceptable Information Security Certifications.” (NAN)

Follow Us On WhatsApp