Kenya’s evolving data protection environment is attracting foreign technology firms, with the latest entrant, Digital Jewels establishing its presence in the local market.
Speaking when she formally announced, Digital Jewels Founder and CEO Ms Adedoyin Odunfa said that after its 15-country geographical footprint, Kenya presented an opportunity to forge partnerships with like-minded organizations keen to drive the African narrative on data protection and information security.
“We are at a great place currently to begin deploying best practice standards in data protection such as the ISO 27701 that have been specifically designed to elevate the degree of security placed on the data held within our various institutions,”
She added that while there is no specific deadline for registration of Kenyan organizations with the Data Protection Commission, it is important to match the pace of other countries in the East African region, such as Rwanda, to achieve high compliance rates.
How to Share Your Telkom Data, Minutes, Voice and SMSs With Friends
The firm’s entry into Kenya, said Odunfa, is a critical moment in the journey of various organizations to comply with national, regional and global data protection laws, which place a high premium on the control of data flows, and which are in turn crucial in facilitating international trade. With the government having ratified the African Continental Free Trade Area (AfCFTA), data collection, storage and sharing have become a central consideration between trading companies and countries.
In making the Kenyan foray, Digital Jewels have partnered with Serianu, a pioneering cyber security data protection consultancy firm, where the two will collectively provide complementary offerings.
“We expect Serianu’s partnership with Digital Jewels to deliver a robust approach for data protection and processes, governance frameworks and technology,” said Serianu CEO William Makatiani.
He pointed out that data protection has become a much bigger issue for organizations as they increasingly adopt technology. Noting great progress in creating awareness in the country, Makatiani explained that it is time to implement the technology, policies and processes necessary for data protection.
Echoing his remarks, Data Commissioner Immaculate Kassait stated that the Commission was keen to support and enhance self-regulation, planning to roll out an accreditation program for third-party organizations involved in auditing and enforcing compliance with the Data Act.
“We see self-regulation as a key pillar of deepening compliance with data protection as we believe it begins with governance at the institutional level,” Said Ms. Kassait.
To facilitate this process, the data protection commissioner’s office has developed guidelines for various sectors, including fintech and health, that will soon be subjected to public participation.