info@mutieadvocates.com

+254 768 042 180

Search
logo
mobile logo
09 May
0 Comments
Sticky

5 KEY POLICIES FOR DATA PROTECTION COMPLIANCE

Posted by admin_mutie
in Data Protection, News

Introduction Policy development is a key consideration for any organisation looking to comply with data protection laws. Data protection policies are a set of principles, rules and guidelines that define the goals of an organisation in terms of privacy compliance. They provide guidance on how to achieve compliance objectives. Apart from guidance, a sound privacy policy framework ensures consistency in data protection across your organisation, offers clarity on data protection obligations and promotes accountability within the business. This article is part of our ‘Roadmap to Data Protection Compliance’ series, which gives practical guidelines on how to comply with data protection laws and...

Continue reading
25 April
0 Comments
Sticky

A Privacy Assessment: What it is and Why you need it

Posted by admin_mutie
in Data Protection, News
Mutie Advocates privacy assessement

Conducting a privacy assessment is crucial to your data protection compliance journey. A privacy assessment is an in-depth evaluation of the personal data an organisation holds and its current data handling practices. Through this process you can identify the key privacy risks facing your organisation and the compliance gaps you need to fill. Privacy assessments involve two critical steps: data mapping and  gaps assessment. In this article, we consider the value of a privacy assessment to your privacy compliance program. We describe the best way to do this assessment in order to optimise your organisation's compliance program. This article is part...

Continue reading
06 April
0 Comments
Sticky

4 Considerations for Privacy Governance

Posted by admin_mutie
in Data Protection, News
Mutie Advocates Privacy Governance Considerations for your Organisation

In our previous article, we shared our thoughts on the importance of baseline training and why it  should be the first step in data privacy compliance. Along the same line, this week we look at the significance of establishing a governance framework for your privacy compliance program. Why privacy governance? Crafting an appropriate governance framework for your privacy program is essential to safeguarding personal data in your organisation. Some benefits of having a sound privacy governance framework are: a. Facilitating data protection compliance An efficient governance framework guarantees that your organisation meets all its legal obligations under the current data protection laws. Through this...

Continue reading
30 March
1 Comment
Sticky

The First Step Towards Data Protection Compliance

Posted by admin_mutie
in Data Protection, News

Following the enactment of the Data Protection Act (the ‘Act’), 2019 and its supporting regulations, many organisations are gearing toward compliance. Privacy compliance has several aspects to it including determination of privacy governance structures; data mapping; privacy gaps assessments; development and implementation of policy and procedural frameworks; data security; and training & awareness. When embarking on the project, it is tempting to overlook initial training and sensitisation, but if properly executed it can guarantee the success of your compliance program. Let us consider some of the reasons why a privacy leader or manager should give priority to training and awareness as they develop a privacy compliance program.

Continue reading
21 March
0 Comments
Sticky

Scope of the Kenya Data Protection Act

Posted by admin_mutie
in Data Protection, News

In the course of doing business, it is common to interact with personal data relating to clients, suppliers, contractors and employees. You must handle this information in accordance with privacy laws and regulations to avoid litigation, regulatory fines and sanctions or disrepute to the business. With the enactment of the Data Protection Act (the ‘Act’) and supporting regulations, many businesses are now revisiting their relationship with personal data. In this article, we consider the scope of application of the Act and how and when the exemptions apply.

Continue reading
31 August
0 Comments
Sticky

5 Ways the Data Protection Act Impacts Procurement

Posted by admin_mutie
in Data Protection, News

One of the key aspects of data protection compliance is procurement or third party vendor compliance. The Data Protection Act provides that where a data controller desires to use the services of a data processor, then he must first ascertain that the data processor has put in place sufficient safeguards for data protection.

Continue reading
14 August
0 Comments
Sticky

FAQs: Personal Data Breaches

Posted by admin_mutie
in Data Protection, News

One of the most challenging areas in data privacy compliance is on data breach management. The Data Protection Act, 2019 places an obligation on data controllers to notify the Data Commissioner and data subjects of some types of data breaches. Further, a notification must be done within 72 hours of becoming aware of the data breach. Data Processors must also report data breaches albeit to the data controller. What is a personal data breach and in what circumstances should an organisation make a notification? We tackle some frequently asked questions on this area of data privacy..

Continue reading
06 August
0 Comments
Sticky

The Role of the Board in Data Protection Compliance

Posted by admin_mutie
in Data Protection, News

Data Protection compliance is a buzz word right now. What is it? Who is responsible? What is the cost of non-compliance? If you are in a leadership position in a company that handles personal data, you may be wondering about these and other related questions. More so, as a board member, you may share similar concerns or you may be wondering what the board’s role should be in compliance.

Continue reading
28 July
0 Comments
Sticky

FAQs on the role of the Data Protection Officer

Posted by admin_mutie
in Data Protection, News
Mutie Advocates FAQs Data Protection Officer

If you are pursuing privacy compliance, you may need to consider appointing a Data Protection Officer (“DPO”). Although the Act provides for the designation of a DPO in certain instances, it may be worthwhile for all organisations to consider designating one. Who is a Data Protection Officer and what are the benefits of appointing one? We consider common questions associated with the role of the Data Protection Officer.

Continue reading
03 June
1 Comment
Sticky

Digital Lending and Data Privacy in Kenya

Posted by admin_mutie
in Data Protection, News
Mutie Advocates Digital Lending Data Privacy

Prior to 2020, digital lending witnessed an unprecedented rise and growth in Kenya. According to a 2019 FSD report, the boom was fuelled by widespread use of mobile phones, high demand for credit and a lax regulatory environment. Digital lenders fall into two main categories: mobile banking loans(i.e. loans by licensed banks such as M-Shwari) and digital loans (i.e. loans granted by unregulated firms like Tala and Branch). The regulatory environment made it very easy for unregulated providers to enter the market. By 2020, Kenya had over 120 digital lending platforms.

Continue reading