Data Protection Accountability: NDPC Issues Guidance Notice To Controllers And Processors

The Nigeria Data Protection Commission (NDPC) has read the riot act to to data controllers and processors as it looks to enforce data subjects rights and promote trust in Nigeria’s digital economy ecosystem.
This comes just as the supervisory and regulatory authority for data protection in Nigeria has stepped up Data Protection Accountability.
This is according to a Statement by the Lead, Legal, Enforcement and Regulations Department, NDPC, Babatunde Bamigboye, and made available to Journalists.
In its Guidance Notice titled: GUIDANCE NOTICE ON THE FILING OF DATA PROTECTION COMPLIANCE AUDIT RETURNS (CAR), the Commission advices data controllers and processors to file compliance audit returns or risk being excluded from the National Data Protection Adequacy Programme (NaDPAP) Whitelist.
The data controllers and processors comprise banks, telcos, hospitals, schools, ICT companies, data centres among others.
“It will be recalled that the National Commissioner/CEO, NDPC, Dr Vincent Olatunji recently disclosed that the Commission is carrying out free induction training for designated Data Protection Officers in both public and private sectors so as to ensure that Nigeria can contribute competitvely to the global digital economy.
“The Commission further advices that agents and contractors who carry out data processing on behalf of data controllers should be trained and onboarded on the Commission’s portal,” the NDPC appeals.