The Data Protection Commission launches new Registration and Compliance Software and announces Amnesty

The Data Protection Commission officially launched a new Registration and Compliance Software on Thursday 8th October 2020, under the theme: Enabling Transparency towards Trustworthy Transformation.”

Section 97 of the Data Protection Act, 2012 (Act 843) mandates that a Data Controller incorporated or established after the commencement of this Act shall be required to register as a Data Controller within twenty (20) days of the commencement of business. A Data Controller in existence at the commencement of this Act shall be required to register as a Data Controller within three months after the commencement of this Act.

The enhanced Registration and Compliance Software (RegSys) has been designed to streamline the registration and renewal process and improve the user experience for Data Controllers and Processors.

Amnesty

In accordance with section 94 of the Data Protection Act 2012 (Act 843), the Minster of Communications exercised her powers to extend the transitional period for Data Controllers to register with the Commission.

The Data Protection Commission declared a six (6) month section 97 Amnesty period from 1st of October 2020 to 31st March 2021, during which any applicable arrears will be waived allowing defaulting Data Controllers to register with the Commission and pay the current years fee due only.

Data Controllers who fail to register with the Commission will be non-compliant and subject to enforcement action including payment of all arrears going back to 2012 (where applicable) and enforcement action.

Use of new technology and the increased pace of digitization (particularly in this pandemic season) make the Data Protection Commission a critical stakeholder on many fronts and requires effective regulating and the provision of expertise and guidance on privacy and data protection related matters. The Commission is working to protect the privacy of the individual and personal data and to regulate the processing of data in order to minimize or eliminate potential harm, damage or distress to individuals in the emerging digital landscape.

The Data Protection Commission is confident that the new Registration and Compliance Software will aid in the Commission’s mission to ensure the responsible and accountable processing of personal data of all living individuals, in compliance with legal requirements and will assist the Commission to execute its mandate efficiently and effectively as a regulator in Ghana and beyond.

MOU with Internal Audit Agency

During the ceremony, the Data Protection Commission signed an MOU with the Internal Audit Agency in a collaborative effort to  train all Internal Auditors nationwide (approx. 2000 in number) to expand the scope of audit to include the requirements of Act 843.

Data Protection Awards

The National Communication Authority (NCA), Ghana Investment Fund for Electronic Communications (GIFEC), Bank of Ghana, Social Security and National Insurance Trust (SSNIT) and Ghana Gas were presented with Awards in recognition of positive steps taken towards Data Protection Accountability and compliance with Ghana Act 843.

Take Action: Register or Renew your Data Protection License

To find out more about the work of the Commission and to register or renew your data protection license, please visit: https://www.dataprotection.org.gh/