Emmanuel Gadaso, a Data Protection Consultant, has warned all organizations in Ghana—whether private, public, governmental, or non-governmental—that they must register with the Data Protection Commission to avoid legal repercussions.
He emphasized that under the Data Protection Act 2012, Act 843, organizations are required to register within 21 days of their establishment and put in place the necessary policies, procedures, and technologies to protect citizens’ data.
Furthermore, some organizations are obligated to appoint a data protection officer to ensure compliance with the law.
Mr. Gadaso cautioned that failure to adhere to these requirements could lead to legal violations with serious consequences.
” In Ghana, we have the Data Protection Act 20 12 or Act 843, that mandates the Data Protection Commission to protect the citizens of Ghana. They do that that by regulating organization that takes you and I our data. So that includes your place of employment.
Everywhere they take your data. So the Data Protection Commission regulates these organizations. And the organizations are mandated to make sure they put in the appropriate mechanisms either through policies, procedures, and the technology to make sure this data is kept safe. Then they are also mandated to register with the Data Protection Commission.
So prior to the coming into effect of the law, any organization that existed, you are supposed to register, any organization that registers after the law, the loss is within 21 days. You are supposed to register with the Data Protection Commission. So any organization that has not done that, they have already infringed on the law.”
