Data Protection Compliance Check

On November 25, 2019, the Data Protection Act (DPA) went into effect, bringing about improvements for Kenyan enterprises. In order to comply with the Data Protection Regulations, many businesses must now modify their internal systems and procedures. We assist organizations looking to implement the new data protection requirements with our complete DPA consulting services and personalized evaluations.

You can use our DPA check to get your policies reviewed to make sure your data protection procedures adhere to the most recent DPA regulations.

Every organization should implement data protection in accordance with modern regulations because doing otherwise includes significant hazards. For small and medium-sized businesses, our DPA Check is a more affordable and efficient option than an expensive, time-consuming external audit. Additionally, external auditors frequently use techniques that are more appropriate for big businesses and end up including details that do not apply to smaller companies. On the other hand, our DPA Check takes into account the unique characteristics of small and medium-sized businesses.

Your Benefits

• A track record of adhering to privacy laws and data protection regulations;
• Immunity from fines and punishment for data protection violations;
• Absence of any chance of receiving an injunction from supervisory authorities;
• Assurance in defending rights and obtaining coverage from insurance companies and others

Our Approach

The DPA Check makes use of a questionnaire to talk about the different regulations with the company’s data protection officer and to spot any potential gaps in data processing. The conclusions of this discussion serve as the foundation for additional steps to guarantee compliance.

During the course of our DPA check, we closely collaborate with the company’s data protection officer to assess how well the company complies with the fundamental data protection laws and where further action is required. The ensuing issues are covered:

• Designation of a data protection officer: The business or the IT service provider should offer the data protection officer. However, the managing director is in charge of it.
• A summary of the processing operations Because the Data Protection regulations place a strong emphasis on transparency, processing must also be made public.
• Lawfulness of processing: Specific rules must be followed while processing personal information. For instance, personnel files might not be accessible to every employee.
• Management techniques for data protection: The managing director should be present as well.
• Reporting requirements in the case of data protection violations: Procedural steps are documented and added to the management system.
• The rights of data subjects: As part of data processing transparency, this area should be communicated with clear guidelines. Everyone in the company is allowed to ask questions.
• Processing of special data: This includes the previously specified personal information to which access is constrained and requires a specific authorization.
• Processing of order data: Regulations make sure that order data is processed in accordance with specific standards. Passwords or account information for customers, for instance, must not be available to employees who are not dealing directly with the customer.
• Data transmission to foreign countries: The protection of personal information extends beyond the nation where it is collected.
• Technology measures: Our EU GDPR assessment examines both the organizational planning and technology implementation mandated by the rule.
• Risk and protection needs assessment: According to the EU’s basic data protection regulation, it is necessary to identify any potential data protection risks.
• Awareness initiatives: Comprehensive employee assistance makes sure that employees are aware of data collecting and that their information is not shared with outside parties.

Why Us?

• We work with you to improve your data protection policies and provide you with qualified data protection specialists who do the DPA Check.
• We provide a time- and money-saving substitute for DPA consulting.
• In the areas of data protection and cyber security, we have years of expertise and are authorities.