The changing data protection landscape in Kenya is drawing in foreign technology companies. The latest entrant is Digital Jewels, which has established a presence in the local market.
Digital Jewels’ CEO, Adedoyin Odunfa, said that after operating in 15 countries, Kenya offered an opportunity to partner with like-minded organizations that are committed to advancing the African narrative on data protection and information security.
She said, “we are in a good position to start using best-in-class data protection standards, such as ISO 27701, which is specifically designed to improve the security of our data.”
Odunfa added that although there is no set deadline for Kenyan organizations to register with the Data Protection Commission. It is important to keep up with other countries in the East African region, such as Rwanda, in order to achieve high levels of compliance.
However, she stated that Digital Jewels’ entry into Kenya is a critical moment in the journey of various organizations to comply with national, regional, and global data protection laws. These laws have place a high value on controlling data flows, which in turn are essential for facilitating international trade.
With the government having endorsed the African Continental Free Trade Area (AfCFTA), the collection, storage and sharing of data has become a key factor in the relationships between trading companies and countries.
In making the Kenyan foray, Digital Jewels has teamed up with Serianu, a leading cyber security data protection advisory firm. The two will jointly provide complementary services.
Serianu’s CEO, William Makatiani, said he anticipate that the collaboration between Serianu and Digital Jewels will provide a strong foundation for data protection and procedures, governance frameworks, and technology. He emphasized that, data protection has become a major concern for organizations as they increasingly use technology. Makatiani clarified that it is now time to put into effect the technology, procedures, and regulations that are essential for data security.
Reiterating his statements, Data Commissioner, Immaculate Kassait, declared that the Commission was eager to encourage and improve self-regulation, with a goal of launching an accreditation program for third-party organizations that would be involved in inspecting and enforcing compliance with the Data Act.
To make this process easier, the data protection commissioner’s office has created a set of rules for different industries, such as fintech and healthcare, which will soon be open to public feedback.
