Data Protection
Sequel to the European Union (EU) General Data Protection Regulation (GDPR) that came into effect on 25th May 2018, and pursuant to Section 6 (a) and (c) of the National Information Technology Development Agency (NITDA) Act, 2007, the Agency (NITDA) had issued a domestic version for Nigeria on the 25th of January 2019, called the Nigeria Data Protection Regulations (NDPR) 2019.
The NDPR was made in recognition of the fact that many public and private bodies have migrated their respective businesses and other information systems online. These information systems have thus become critical information infrastructure which must be safeguarded, regulated and protected against all kinds of breaches.
By the virtue of the NDPR, 2019 (Nigerian Data Protection Regulations), it is compulsory for all data controllers and administrators in which your reputable organization falls under to comply with the dictates of the NDPR and you will need the assistance of a Certified and Licensed Data Protection Compliance Organization (DPCO) to ensure that your organization is in full compliance and file the required data compliance Audit at NITDA as at when due to avoid sanctions of administrative penalties and or criminal prosecution.
DATA PROTECTION COMPLIANCE SERVICES – NDPR 2019
OUR OFFERINGS – DATA PROTECTION COMPLIANCE SERVICES
DATA PROTECTION COMPLIANCE SERVICES
IPI Strategy Partner with vast experience in Information Technology Solutions and Consultancy and capacity building is a licensed Data Protection Compliance Organization(DPCO) by National Information Technology Development Agency (NITDA) to carry out the following services
- Data Protection regulations compliance and breach services for data controllers and data administrators.
- Data Protection and privacy advisory services.
- Data Protection training and awareness services.
- Data Regulations contracts drafting and advisory.
- Data Protection and privacy breach remediation planning and support services.
- Information privacy audit.
- Data Privacy breach impact assessment.
- Data protection and Privacy Due Diligence Investigation.
- Outsourced Data Protection Officer.
IMPLEMENTATION FRAMEWORK
DATA PROTECTION COMPLIANCE SERVICES
By the virtue of the NDPR, 2019 (Nigerian Data Protection Regulations),it is compulsory for all data controllers and administrators in which your reputable organization falls under to comply with the dictates of the NDPR, to comply with the regulations. IPI Strategy Partners as a DPCO will render her services to ensure that your organization is in full compliance and fill your organization’s data compliance audit at NITDA as at when due to avoid sanctions of administrative penalties and or criminal prosecution.
In accordance with the provision of the NDPR (2019) and consistent with international best practices, the following framework would be applied:
- Data Protection & Private Policy Formulation and Communication (Article 3.1)
- ii. Compliance Structure and Governance/Data Protection Officer
- iii. Awareness and Training Program
- iv. Data Protection Impact Assessment (DPIA)
- v. Data Protection Compliance Audit
POLICY FORMULATION & COMMUNICATION
- Data Protection & Privacy Policy
- Provision of the Data Protection Officer DPO) with the required skills.
- This does not include Training & Continuous Development of staff(members of staff)
DATA PROTECTION IMPACT ASSESSMENT (DPIA)
- Data Listing & Inventory
- Data Evaluation & Categorization
- Data Risk Measurement
- Treatment & Mitigation
- Monitoring & Review
- Data Assessment to determine degree of Likelihood Impact
DATA PROTECTION COMPLIANCE ANNUAL AUDIT
- Technical Compliance Assessment
- Effectiveness Compliance Test
- Mitigation and Remediation
- Data Audit Report
- Mana Monitor Organizational Data
- Compliance Programs & Procedures
- Develop appropriate Internal Control Measures
- Develop the controls, processes, procedures, programs and policies that are obligated under the NDPR