Cyber Roam Africa has dedicated department to support organizations on services related to data protection.
Offer the following Data Protection services:
A. Data Privacy & Protection Policy Development Service
A data privacy & protection policy is an internal document created for the purpose of establishing data protection policies within the organization.
It is used by organization’s employees and third parties, responsible for handling or processing sensitive data for the organization.
Data privacy & protection policy is the primary document for implementation of data protection in any organization.
Key Components of Data privacy & protection policy:
- Scope of Data privacy & protection
- Definition terms
- Roles and Responsibilities of Data protection stakeholders
- Data Protection Act
- Data Breach Notification Procedures
- Rights of Data Subjects
- Security and Record Keeping
- Contact Information of Data protection office
B. Data Protection Compliance and Impact Assessment (DPCIA) / Data Protection Audit Service
Data Protection Compliance and Impact Assessment (DPIA) is data protection audit carried out by data handler organizations designed to identify risks arising out of the processing of personal data and offer relevant mitigation measures to reduce the data protection risk.
In specific, Data Protection Compliance and Impact Assessment aims to achieve the following objectives:
- Identify data protection gaps and offer recommendations on safety measures to be implemented.
- Assess current data protection practices and policies within the organizations and level of compliance to Data Protection Act.
- Review and analyze existing data protection documentation, including privacy policies, consent forms, and data processing agreements within the organization
- Identify personal data processing activities and categorize them based on risk levels
- Develop a roadmap for achieving compliance, including recommended actions and timelines
Methodology for Data Protection Compliance and Impact Assessment
Data Protection Compliance and Impact Assessment consist of the following phases:
- Need Assessment for DPCIA
- Planning for DPCIA
- Identify Personal Data and Personal Data Flows
- Identification and Assessment of Data Protection Risks
- Create an Action Plan
- Implementation of Action Plan and Monitoring
C. Data Protection Awareness Training
We offer Data Protection Awareness Training.
The training is designed to equip the employees with better understanding of data privacy issues.
Data Protection Awareness program to offers a basic, practical understanding of the law, policy, practice, compliance of data privacy and protection as prescribed on General Data Protection Regulation (GDPR) and Data Protection Act of 2019(Kenya).
The course prepares employees to comply with the technical and organizational measures required under Data Protection Act
For more information or request for this service, contact us through:
- Email : [email protected]
- Tel: +254733378670