NITDA Releases Guidelines For Management Of Personal Data
BY GLORIA USMAN, ABUJA – As part of its regulatory mandate, the National Information Technology Development Agency (NITDA), has released the 2020 Guidelines for Management of Personal Data by Public Institutions in Nigeria.
This was contained in a statement by the Head, Corporate Affairs and External Relations, Mrs Hadiza Umar, who explained that the Guidelines are issued as supplementary regulation to the Nigeria Data Protection Regulation (NDPR), 2019.
Umar said; “The Guideline stipulates the requirements for the processing of personal data by Public Institutions in Nigeria. It is issued to reinforce the implementation of the NDPR.
“All the principles and provisions of the NDPR remain valid and applicable to all Nigerians including public institutions.
“The Guideline requires all public institutions and any entity co-owned by the Government to process all personal data of Nigerians and Data Subjects in Nigeria in line with best practices and in conformity with the highest standards.
“It takes cognisance of the fact that some public sector data processing may be founded on Vital or Public interest. This position of trust therefore requires public data controllers and processors to apply the highest ethical and professional standards in processing such data,” Umar stated.
The Agency further said it shall not hesitate to invoke the punitive sanctions provided in the NITDA Act 2007 and NDPR in the event of breach or abuse of personal data of Nigerians.
Umar also said that NITDA will not relent in its surveillance to ensure adequate compliance with the NDPR and the Guidelines.
According to her; “While we recognise the existence of constitutional limitations on privacy rights in the interest of public health and safety, yet such limitations must be based on defined frameworks”.
Umar urged all concerned parties to study these Guidelines diligently and apply them accordingly, adding that the agency also encourage all parties to reach out to it and seek clarifications or guidance when needed.
The NITDA therefore implores all concerned parties to comply strictly with the requirements of the Guidelines and seek professional guidance from licensed Data Protection Compliance Organisations (DPCO) for the purpose of compliance.
It said it recognises the need for collaboration in some cases between the public and private sector to tackle emergencies or other state-led interventions for the benefit of citizens.
Umar also said that the Guideline and other regulatory instruments of NITDA are available on the Agency’s website: www.nitda.gov.ng
