Locations: Lagos | Abuja | Port Harcourt (info@sololaakpana.com)

Data Protection Compliance

Data is the new gold. However, it is vital to treat personal data with respect and comply with data protection regulations. With expertise in this area, we are the perfect partner to help you gain the most value from your data protection efforts.

With the advent and recognition of data privacy rights and obligations in Nigeria pursuant to which the Nigeria Data Protection Regulation, 2019 (the NDPR), the Nigerian Data Protection Regulation: Implementation Framework 2020 (the NDIF), and the Guidelines for the Management of Personal Data by Public Institutions in Nigeria, 2020 were enacted, it is imperative for companies, public institutions and individuals who control and process personal data of individuals to comply with the NDPR.

As a Data Protection Compliance Organization (DPCO) licensed by the National Information Technology Development Agency (NITDA), we have an extensive understanding of the documentary, procedural and organizational measures required by entities and individuals to remain data protection compliant within the purview of the relevant laws.

Our leading services:

  • Conducting an adequacy audit and a process audit on data protection processes within an organization
  • Preparing and issuing a data protection audit gap assessment report, while interfacing with relevant organizational heads on implementation procedures and deadlines
  • Filing of Data Protection Compliance Audit Reports
  • Conducting Data Protection Impact Assessment Tests prior to the commencement of key projects/collection of sensitive personal data
  • Documentation of requisite Data Protection Compliance Policies
  • Maintenance of the Data Assets Register/Inventory
  • Training of an organization’s key staff processing personal data
  • Data Breach Incident Investigation and Remediation Procedure Service
  • Conducting Penetration and Vulnerability Audits and implementation of recommended gap plugs
  • Data Protection Policy making
  • Implementation of Data Protection/Information Security standards
  • Interfacing with the Civil Service of states within the Federation on data protection awareness and compliance within the State

Examples of the value we’ve delivered for clients:

  • Conducted the statutory data protection compliance audit and privacy practices on The Shell Petroleum Development Company of Nigeria Limited (SPDC), Shell Nigeria Exploration and Production Company Limited, Lubrik Construction Company, Craneburg Construction Company, and Daewoo Nigeria Limited
  • Provided a data protection compliance opinion and strategy to a major commercial bank on the transfer of customer banking information to a State Internal Revenue Service
  • Advised SPDC on the instances and procedure for self-reporting under the Nigerian laws in event of a personal data breach
  • Prepared and issued data protection gap assessment reports to several national and multinational companies in Nigeria
  • Advised a major construction company on the roadmap to compliance with the NDPR
  • Conducted data protection impact assessment tests for a syndicate real estate acquisition involving the disclosure of tenant’s personal data to the purchasing entity
  • Prepared and reviewed data protection compliance policies for our clients
  • On a periodic basis, provide legislative updates to our clients on data protection best
    practices
  • Help ensure data protection compliance capacity building within organisations