Five more institutions have been picked up for non-compliance with the country’s data protection laws in the latest round of enforcement action by the Data Protection Commission. The enforcement exercise is aimed at clamping down on businesses that have failed to register with the Data Protection Commission as data controllers but are processing personal data.
The enforcement exercise was supported by the Ghana Police Service. The companies accosted were Care Flight Ghana, Embassy Court, Morning Star School, KABFAM and Grace Homeopathic Clinic. On the breach of section 17 of the Data Protection Act 2012 (Act 843) which requires all companies that manage personal data to acquire a license from the Data Protection Commission, Morning Star School, Embassy Gardens, CareFlight Ghana and Grace Homeopathy were cited for breach.
Embassy Gardens and Morning Star School were also cited for non-registration with the commission. Though Kabfam, one of the companies visited during the swoop had registered with the commission, it was cited for failure to appoint a certified data protection supervisor.
Speaking to Joy Business after the exercise, Director of Regulatory and Compliance at the Data Protection Commission, Quintin Akrobeto, urged businesses to abide by the laws to avoid arrest. “Registration is just one of the aspects of compliance. What we expect from institutions is to bring their activities under the radar of the commission for supervision.”
“For some of the companies, they haven’t registered at all. Even after several follow-ups, they have failed to register with the commission. For those of them that have registered, they are still not compliant. You need to appoint a certified supervisor to help guide companies to compliance. “ The exercise is expected to be held monthly to ensure the utmost enforcement of the data protection laws.
By: Isaac Atta Osei-Nyarko
