DATA PROTECTION COMPLIANCE
In early 2022 Kenya’s new data protection regulations came into effect, governing what businesses inside and outside the country can do with information about Kenyan citizens. The law is far-reaching and will have a significant impact on how many companies process data. It represents a major step forward for people’s online privacy in the country. There are key focus areas by the Data Protection Act 2019, they are;
1
PERSONAL PRIVACY
With DPA, individuals have a right to access, correct, export, object to processing of their personal data or request to be forgotten by the entity holding their data. All this rights have be managed and processed within 30 days of request.
2
DATA INVENTORY
The DPA requires organizations to understand what types of data they collect, process and store. It also is required that all data be classified in terms of who has access and what access rights is assigned to the authorized parties.
3
CONTROLS & NOTIFICATIONS
The regulation has put in strict security requirments on personal data. The entities have a breach notification obligation as well as appropirate consents for data processing. A breach should be reported within 72 hours of realization.
4
TRANSPARENT POLICIES
DPA requires that organizations provide transparent and easily accessible policies regarding; notice of data collection, notice of processing, processing details and data retention and deletion. The Privacy policy document should well describe the above functions.
5
IT & TRAINING
Businesses will need to invest in Data Protection Officers or outsourced DPO in order to meet the compliance. Training across the organization will be neccessary so that evryone knows their responsibility. The Incidence procedure should also be clear and communicated to all staff.
6
MONITORING & EVALUATION
After meeting all the requirements, the organizations are meant to monitor and improve on the processes and procedures to data protection compliance. This includes automation, frequent policy reviews, and contractual improvements with the contractors.
DATA PROTECTION MANAGER
It is a difficult task for you as a Data Protection Officer (DPO) or Organization to meet all legal and regulative requirements for data protection. We have thought about the mandate of the DPO and the requirements of data protection compliance and we build the Data Protection Manager with you in mind.
The Portal offers you a digital and cost-effective solution to focus again on your business model without risk of deviations and regulatory fines. With your input, we are able to align your organization to the DPA and allow you to focus on what matters most to you – Your Business.
We have included helper modules like:
- Policy Framework
- Vulnerability Scan
- Awareness Training
- Data Inventory/registry
- Request Management
- Data Protection Impact Assessment
- Technical & Organizational Measures (TOMs)
DPA SELF ASSESSMENT
DPA Self assessment to measure the current compliance without the need for extenal support.
COMPREHENSIVE
A detailed and comprehensive action plan is provided to plan and implement the most important measures.
DASHBOARDS
Data Protection Manager dashboards keeps track of compliance processes, procedures and improvements.
SUPPORT
Data Protection experts support in case of special data protection questions as well support the platform.
ENQUIRE MORE TODAY…
Want to get a feel of the Data Protection Manager, or want to Outsource your DPO roles, get in touch and we shall talk back to you.
BOOK A DEMO