The Data Protection Commission of Ghana has compiled a list of non-compliant Data Controllers to be forwarded to the Attorney General’s Department to commence legal proceedings.

This follows refusal by some Data Controllers to register with the Data Protection Commission as mandated by law under Section 46(3) of the Data Protection Act 2021 (Act 843).

The Executive Director of the Data Protection Commission of Ghana, Patricia Adusei- Poku told Joy Business there is the need for organisations to prioritise data protection, respect others privacy and act in accordance with the Data Protection act to avoid non-compliances.

“Riding on the back of all past and recent avenues created for Data Controllers and Data Subjects to engage with the commission on their queries, challenges and/or concerns, the Commission has moved to the next level to instigate legal proceedings against defaulters,” she stated.

In the meantime, the Commission has encouraged organisations to do what is right by registering with the Commission, train an employee to become a Certified Data Protection Supervisor (CDPS) and implement an in-house privacy programme.

The Data Protection Commission is a statutory body established under the Data Protection Act, 2012 (Act 843) to protect the privacy of the individual and personal data by regulating the processing of personal data, choices of technologies and integrity of people with access to personal data.

The Commission provides for the process to obtain, hold, use, or disclose personal information and for other related issues bordering on the protection of personal data.