The Office of the Data Protection Commissioner Celebrates it’s 100 days of existence today, the 24th February 2021. This Office has seen tremendous achievement towards its operationalization which in turn will help in fulfilment of its mandate.
Some of the milestones so far achieved include;
The Office of the Data Protection Commissioner is currently hosted by the Communications Authority of Kenya (CA) for an interim period of one year. suffice to say, we have developed the Office Space requirements and forwarded to the State Department for Housing and Urban Development. After the necessary bureaucratic processes are exhausted, Lease agreement will be signed with the identified leaser.
Postal Address for the Office has been acquired and operational. This provides a platform through which customers will contact the Office. Request for a toll free number is awaiting approval.
Operational interactive website and social media platforms are already in place.
Our Logo has also developed.
The Office has held 10 stakeholder engagements ;
The schedule for weekly Stakeholder engagements is in place; This includes sector specific stakeholders’ meeting to discuss sector specific regulations.
The Office has developed customer service charter which spells out our Services, Customers rights and obligations,
So far, the Office has developed the following three manuals and Draft Standard Operation Procedures (SOPs);
a Manual on lodging data breach complaints:
Procedure on Complaints handling;
Procedure on carrying out inspections.
The Cabinet Secretary, Ministry of ICT, Innovation and Youth Affairs gazetted the Taskforce on Development of Data Protection Regulations in January, 2021;
So far, Draft General and Specific Regulations and policy recommendations are already in place awaiting public participation.
The following 6 (six) Guidelines have been developed awaiting public participations. These are;
Registration of Data Controllers and Processors;
Seeking Consent from Data Subjects;
Certification of Data Controllers and processors;
Data Impact Assessment;
Appointment of Data Protection Officers;
Data Sharing Code and
In accordance with its Mandate, the Office has offered advisory to four (4) institutions.
Pursuant to its mandate of promoting international cooperation and ensuring compliance with obligations under international conventions and agreements on matters relating to data protection, the Office has applied and joined 2 international associations of data protection; The Common Thread Network of the Commonwealth Telecommunication Organization and Data Protection Africa; The two organizations offer a platform for information and experience sharing on matters of Personal Data regulation. In addition, the Office has held discussion with the Seven (7) Development partners. These are World Bank; UNDP, ICRC, UK, EU, Amnesty International and Open Institute for collaboration and support.