NDPR Compliance
The Nigerian Data Protection Regulation (NDPR)
The National Information Technology Development Agency (NITDA) is statutorily mandated by the NITDA Act of 2007 to develop regulations for electronic governance and monitoring of the use of information technology and electronic data. Conscious of the concerns around privacy and protection of Personal Data and the grave consequences of leaving Personal Data processing unregulated, NITDA has issued the Nigeria Data Protection Regulation (NDPR). The objectives of the regulation are as follows:
▪ To safeguard the rights of natural persons to data privacy;
▪ To foster safe conduct for transactions involving the exchange of Personal Data;
▪ To prevent manipulation of Personal Data;and
▪ To ensure that Nigerian businesses remain competitive in international trade through the safe-guards afforded by a sound data protection regulation.
The regulation applies to all storage and processing of Personal Data conducted in respect of Nigerian citizens and residents.
Examples of personal data are as follows:
▪ Employee information as managed by HR
▪ Customer and subscribers data
▪ Vendors' and services providers' information
Personal data may contain one or more of the following:
▪ Name, phone numbers, contact information
▪ Location information, financial information, transaction history
▪ Gender, ethnicity, health records, sexual orientation
Download the PDF document below for more information about the regulation and what you need to do in order to achieve compliance for your organisation and avoid heavy fines or contact us for help and advice using the form below:
