KPMG Personalization

Get the latest KPMG thought leadership directly to your individual personalized dashboard

Notice of updates !

Since the last time you logged in our privacy statement has been updated. We want to ensure that you are kept up to date with any changes and as such would ask that you take a moment to review the changes. You will not continue to receive KPMG subscriptions until you accept the changes.

Hi !

Our privacy policy has been updated since the last time you logged in

We want to make sure you're kept up to date. Please take a moment to review these changes. You will not receive KPMG subscription messages until you agree to the new policy.

Hi !

CheckBox

Home ›
Insights ›
Regulatory Alert - Issue No. 5.4 | May 2020

The Nigeria Data Protection Regulation - Measuring Compliance

Regulatory Alert - Issue No. 5.4 | May 2020

Ajibola Olomola

KPMG in Nigeria
John Anyanwu

KPMG in Nigeria

The National Information Technology Development Agency (NITDA or “the Agency”) on 25 January 2019, issued the Nigeria Data Protection Regulation (NDPR or “the Regulation”) which provides guidelines on the use of personal data by organizations that collect and/or process such data. As part of its mechanism to enforce compliance with the NDPR, NITDA mandates all public and private organizations in Nigeria that control data of natural persons to publicise their respective Data Protection Policies. This means that irrespective of the quantity of data controlled by any organization, it is expected that each organization puts in place a Data Protection Policy where none exists.

Also, all Data Controllers and Processors must conduct an independent Data Protection Audit and file the Audit report with the Agency within a defined timeline. The initial timeline given by NITDA to conduct the Audit was 25 October 2019, and all 2019 reports were due to be filed with the Agency by 15 March 2020.

In February 2020, NITDA issued a communique exempting Data Controllers, Data Processors and other concerned entities that submitted the statutory Initial Data Audit Report between 2019 and 15 March 2020 from further submitting the 2020 Annual Data Audit Report. Rather, such entities were required to put necessary processes in place to remediate gaps identified during the 2019 audit and improve their systems to ensure data protection compliance and information security.

With the onset of the Coronavirus pandemic in Nigeria, companies which had not met the 15 March 2020 deadline and had applied for an extension of time to comply, through a licensed Data Protection Compliance Organisation (DPCO) were permitted to submit their 2019 Data Audit Report by Friday, 15 May 2020.

With just a few days to the deadline, concerned organizations are advised to take necessary steps to ensure timely compliance with the NDPR.

KPMG is able to support your organizations with drafting / reviewing your Data Protection Policies for compliance with the NDPR. Our Firm is also licensed by NITDA as a DPCO to perform Data Protection Audits, Implementation Support and Capacity Building/Training Programs and help affected organizations comply with the Regulation.

For further enquiries on our service offerings on data protection compliance please contact:

Ajibola Olomola
Partner, Tax Regulatory & People Services
aolomola@kpmg.com

John Anyanwu
Partner, Technology Advisory
janyanwu@kpmg.com

© 2021 KPMG Professional Services, a partnership registered in Nigeria and a member firm of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

For more detail about the structure of the KPMG global organization please visit https://home.kpmg/governance.

Connect with us

Find office locations kpmg.findOfficeLocations
Email us kpmg.emailUs
Social media @ KPMG kpmg.socialMedia

Legal
Privacy
Accessibility
Sitemap
Help
Glossary

Legal
Privacy
Accessibility
Sitemap
Help
Glossary
Contact
Office Location
Media
Press releases
Alumni

facebook. Opens in a new window
linkedin. Opens in a new window
twitter. Opens in a new window
instagram. Opens in a new window
youtube. Opens in a new window

Contact
Office Location

Media
Press releases

Alumni

Subscription

E-mail address is invalid.

Email Address

For more detail about the structure of the KPMG global organization please visit https://home.kpmg/governance.