The Data Protection Commission (DPC) has set March 31, 2021 deadline for all institutions performing functions as data controllers to register with the Commission or face prosecution.
In October last year, the Commission launched a registration software mandating all institutions processing personal data to duly register with the Commission and pay the required fees.
However, due to the adverse impact of COVID-19 on businesses, the arrears owed by these data controllers had a six-month amnesty which started on October 1, 2020, to allow such defaulting institutions, a grace period to register with the Commission.
In a statement, Executive Director of the Commission, Patricia Adusei-Poku, said the six months’ amnesty will end on the 31st of this month. Institutions operating in these areas including liability companies, Consultancy firms, Airlines, Hotels, Hospitals and Clinics, Banks and Microfinance companies, the Media, Churches and NGOs, Law firms as well as corporate agencies are to take note of the deadline.
According to the statement, Sections 97 (1) and (2) as well as Section 27 (1) of the Data Protection Act specify varied procedures and modalities for institutions processing personal data or perform such functions as data controllers to register with the Data Protection Commission. It adds that failure to do so will attract legal action.