From Adanna Nnamani, Abuja
The Nigeria Data Protection Commission (NDPC) said it would be conducting a sector-by-sector investigation to ensure organisations comply with the provisions of the Nigeria Data Protection Act (NDP Act), 2023.
NDPC disclosed this in a statement signed by its Head, Legal, Enforcement and Regulations, Babatunde Bamigboye on Monday.
According to the statement, the investigation is a crucial step in the NDPC’s efforts to safeguard the rights of individuals and ensure responsible data management across various sectors of Nigeria’s economy.
The Commission said it has issued Compliance Notices to various organisations across key sectors, including insurance, pensions, gaming, banking, and insurance brokerage, adding that the list will be published in some major newspapers across the country.
It warned that warned that non-compliant organisations may face enforcement actions, including administrative fines, enforcement orders, or even criminal prosecution in accordance with the provisions of the NDP Act, 2023.
“These organisations are required to, within twenty-one (21) days of issuance, provide the following:
Evidence of filing NDP Act Compliance Audit Returns for 2024 (S.6(d) of the NDP Act).
“Evidence of designation or appointment of a Data Protection Officer, including name and contact details (S.32).
“Summary of technical and organisational measures for data protection within the organisation (S.39).
“Evidence of registration as a Data Controller or Processor of Major Importance (S.44).
“The Commission reiterates that failure to comply with this Compliance Notice may result in enforcement actions, including the issuance of an Enforcement Order, administrative fines, and/or criminal prosecution in accordance with the NDP Act, 2023.
“The NDPC remains committed to ensuring a culture of accountability and trust in Nigeria’s data protection and privacy ecosystem, while safeguarding the rights of data subjects and strengthening the nation’s digital economy,” the statement read in parts.
