Further to our Regulatory Alert Issue No. 1.8 of 29 January 2021, we are pleased to announce that the National Information Technology Development Agency (NITDA) has extended the deadline for filing the Data Protection Audit (DPA) Report for the 2020 audit cycle from 15 March 2021 to 30 June 2021. According to NITDA, the extension of the filing deadline is to afford Data Controllers and Data Processors opportunity to comply with Nigeria Data Protection Regulation (NDPR) given the impact of the COVID-19 pandemic on business operations.
Based on the provisions of the NDPR, every organization that processes the personal data of more than 2,000 persons within a 12-month period, must engage a Data Protection Compliance Organization (DPCO) to audit its compliance in line with the NDPR for the period (i.e. 2020 financial year). Failure to file the DPA report within the statutory timeline may attract a fine of up to 2% of a company's annual gross revenue for the preceding year. Data Controllers and Data Processors, who are yet to file their 2020 DPA report, will be well advised to take advantage of the filing extension and regularise their regulatory compliance status.
KPMG is licenced by NITDA as a DPCO and can assist your organization with the following NDPR compliance services:
For further enquiries, please contact the author, Wole Obayomi via email@example.com