Kenya’s Data Commissioner, Immaculate Kassait, recently spoke at the Connected Africa Summit about the importance of partnerships and collaborations in creating a favourable environment for innovation.
She also reiterated her office’s commitment to enhancing stakeholder engagement to facilitate cross-border data sharing and help businesses comply with data protection regulations.
The summit’s breakout session explored opportunities for governments to work together to harmonize data privacy regulations, address challenges like jurisdictional conflicts and data sovereignty issues, and identify policy gaps and regulatory frameworks necessary to ensure cross-border personal data protection.
Kenya’s Office of the Data Privacy Commissioner (ODPC) has been at the forefront of advocating for data privacy regulations. Recently, the ODPC issued new guidelines for data protection in the education, communications, and digital credit sectors and a general guide for processing health data. These notes aim to help various industries understand and comply with data protection legislation. The ODPC has published eight guidance notes, including those on permission, data protection impact assessment, data controller and data processor registration, and electoral purposes.
Kenya’s primary data protection legislation, the Data Protection Act (DPA), was enacted on November 25, 2019. The DPA imposes several obligations on data processors and controllers regarding the processing of personal data.
