
NetHost Nigeria Limited is approved by the National Information Technology Development Agency (NITDA) as a certified Data Protection Compliance Organisation (DPCO) and licensed to provide capacity-building training and to implement and assess companies against the Nigeria Data Protection Regulation Act 2019 (NDPR).
We provide Data Protection Compliance Implementation, Registration with Applicable Authorities, and Training at all corporate levels.
Nigeria Data Protection Regulation (NDPR)
The National Information Technology Development Agency (NITDA) is statutorily mandated by the NITDA Act of 2007 to develop regulations for electronic governance and monitoring of the use of information technology and electronic data.
Conscious of the concerns around privacy and protection of Personal Data and the grave consequences of leaving Personal Data processing unregulated, NITDA has issued the Nigeria Data Protection Regulation (NDPR). The objectives of the regulation are as follows:
- to safeguard the rights of natural persons to data privacy;
- to foster safe conduct for transactions involving the exchange of Personal Data;
- to prevent manipulation of Personal Data; and
- to ensure that Nigerian businesses remain competitive in international trade through the safeguards afforded by a sound data protection regulation.
The regulation applies to all storage and processing of Personal Data conducted in respect of Nigerian citizens and residents.
Reference – https://nitda.gov.ng
DOWNLOADS
You can download the Nigerian Data Protection Regulation Act Summary Here
Nigeria Data Protection Regulation Awareness Training
Nigeria Data Protection Regulation Foundation Training
Nigeria Data Protection Regulation Lead Compliance Auditor Training
Nigeria Data Protection Regulation Lead Implementer Training
European General Data Protection Regulation (GDPR)
Thinking that the GDPR is not your issue because your organization doesn’t have a presence in Europe? Well, think again! If you offer any products or services to the European market, or if you collect data on European customers, the new privacy rules apply to you.
The EU General Data Protection Regulation (GDPR) was adopted in April 2016 and will take effect across the European Union (EU) on 25 May 2018, when it supersedes the 28 current national data protection laws based on the 1995 Data Protection Directive (DPD).
Introduced to keep pace with the modern digital landscape, the purpose of the new Regulation is twofold:
- to improve consumer confidence in organisations that hold and process their personal data by reinforcing their privacy and security rights consistently across the EU, and
- to simplify the free flow of personal data in the EU through a coherent and consistent data protection framework across the member states.
GDPR applies to both controllers and processors of personal data. The Regulation will become relevant for companies as soon as any data processing takes place.
Reference – https://ec.europa.eu/info/law/law-topic/data-protection_en
Payment Card Industry Data Security Standard (PCI DSS) Certification
Payment Card Industry (PCI) Data Security Standard (DSS) is a standard that has evolved from the effort of several card brands such as Visa and American Express. The standard was developed to improve the security of payment card information. PCI DSS as a standard has been validated by other card brands.
The PCI Council, which is responsible for the publication and updating of PCI DSS requirements, consists of the main international payment card brands and companies.
To fall within the scope of PCI DSS, a merchant/acquiring bank needs to process, transmit or store payment card details.
PCI DSS is a security standard, and the card schemes (Visa, Mastercard and others) are the promoters and enforcers of the standard on behalf of the community of participants. The card schemes enforce compliance and fine acquiring banks for not being compliant. Alternatively, the card schemes may proactively fine acquiring banks for slow progress towards compliance with PCI DSS requirements. Acquiring banks that fall within the scope of PCI DSS must comply with a series of requirements.