Ghana’s Data Protection Commission, working closely with the Public Procurement Authority, is setting new rules to drive compliance in the West African country of some 30 million people. Business enterprises or organisations without data protection compliance status will not be eligible for government contracts.
Under the Data Protection Act, Ghana’s principal privacy legislation, firms without data protection license or compliance status are automatically cancelled out of government jobs.
Executive Director of the Data Protection Commission, Patricia Adusei Poku, said the new order has become necessary to protect clients and the general public from data abuse, since the country is embarking on many digital initiatives. She was speaking at a recent function in Accra to mark the Data Protection Week,
Obtaining a compliance status from the commission is a basic requirement for firms that deal in data collection for their daily activities, she said.
Her words: “We are working with other regulatory agencies and government authorities to begin demanding a data protection license from contractors. The Public Procurement Authority is collaborating with us on that to ensure that all contractors have license as a mandate before giving any project.”
The new requirements in Ghana may drive data privacy compliance faster than the case in Nigeria where the regulator has recorded steady compliance by corporate Nigeria since the Nigeria Data Protection Regulation (NDPR) was issued in 2019 by the National Information Technology Development Agency (NITDA).
NITDA recently unveiled the NDPR Performance Report for 2021 showing a remarkable level of compliance by individuals and corporate entities as the Nigeria’s data protection industry gathers momentum. Data privacy audit compliance has grown from zero in 2018 to 635 in 2020 and over 1,230 audit compliance in 2021.
Additional Report: MyJoyOnline