Personal Data and Privacy Protection Regulations: State of compliance with Nigeria Data Protection Regulations (NDPR) in Ministries, Departments, and Agencies (MDAs)

Personal data and privacy protection has been a hot topic of discussion due to the increasing impact of computing technologies in everyday life. In recent years, there have been reports of breaches of personal data either from organizations that collected it or from mischievous third parties. The global responses against the breaches have been the enactment of various policies and regulations to protect personal data against all forms of potential abuses. Nigeria Data Protection Regulation was also issued as the regulatory framework for personal data and privacy protection on Nigerian soil. This paper, aimed at analysing the state of compliance of Ministries, Departments, and Agencies with the regulatory framework. An online questionnaire was designed and hosted on Google Forms. The link to the questionnaire was sent to 110 staff, selected based on convenience, and representing various Ministries, Departments, and Agencies. The results have shown that about 70% of the organizations were aware of the provision of Nigeria Data Protection Regulation but only 34% indicated that they started the implementation. Nonetheless, about 45% Ministries, Departments, and Agencies completed the preparatory stage of compliance as they indicated that they have conducted detailed audits on their organizational operations to determine the changes and the new practices required to comply with the Nigeria Data Protection Regulation. The surveyed organizations indicated 37% to 60% compliance with other components of Nigeria Data Protection Regulation. The paper concluded that more advocacy and enforcement are required to speed up compliance with regulations.