Data protection is a set of strategies and processes used to secure the privacy, availability, and integrity of data. It prevents information of an organization or individuals from fraudulent activities such as hacking, phishing, identity theft, and other related activities of cybercriminals.
Johan ICT, Managing Consultant Akin Oyegoke said the new platform will offer integrated audit and compliance implementation services that will guide organizations towards aligning their business processes with the provisions of the Kenya Data Protection Act which was enacted in 2019.
The country’s data Protection act and even global data privacy practices are quite a complex issue and there is an urgent need to educate organizations and individuals in understanding and implementing the dynamic compliance requirements.
“Any organization that wants to work effectively needs to ensure the safety of their information by implementing a data protection framework which ensures that sensitive data is only accessible to approved parties. It also prevents criminals from being able to maliciously use data and helps ensure that organizations meet regulatory requirements”, Oyegoke explained.
Oyegoke said governments, organizations, and individuals increasingly generate, collect and process personal data and it is imperative that customers’ data is adequately safeguarded by implementing strong data security.
Johan’s ICT boss said though there are software packages that could help with some of the regulatory requirements, engaging expert consultants and data protection professionals is an efficient step towards achieving a robust compliance status.
After the outbreak of the Covid-19 pandemic, many businesses and individuals across the world resorted to virtual business transactions making them vulnerable to operational risks due to incorrect transaction processing or compromise of the data integrity, data privacy, and confidentiality. Apart from technological errors, human factors such as negligence, employee fraud, hackers, etc. are the potential sources of operational risk of e-banking. Security Risk of e-banking also arises from hacking threats and unauthorized access to the bank’s systems through social engineering techniques.
Since all virtual transactions channel are done remotely, it is often difficult for banks to use traditional methods to detect and prevent criminal activities, which is a major source of money laundering risks. Although there are certain money laundering rules in practice for electronic payments, their feasibility and efficiency are often questionable.
Oyegoke said data protection frameworks require controllers and processors to assess and maintain security in their data governance systems, including disclosing data breaches to the data protection authority and in some situations to the relevant data subjects.
A typical data protection framework will also include establishing organizational and technical measures, such as appropriate accountability documents as well as user access rights among other measures. This promotes consumer trust and increases the use of digital tools, which in turn incentivizes investment, competition, and innovation in the digital economy.
The Kenya Data Protection Act came into effect on November 25, 2019, to protect individuals’ rights, privacy, and interests. It was closely modeled after the European Union’s General Data Protection Regulation using many of the same provisions, requirements, and definitions.
