Ernst & Young (EY) has unveiled a comprehensive data protection and privacy report focused on Ugandan organizations. The report, based on a survey conducted between October and December 2022, aims to enhance stakeholder confidence through compliance with the Uganda data protection and privacy regulations.
At the launch event held at Kampala Serena Hotel, Herculs Bizure, the EY Consulting Leader in Uganda, stated that the survey aimed to draw on insights from business leaders on where their organizations are on their compliance journey, and what challenges or opportunities organizations are facing as they seek to achieve compliance with the data protection and privacy regulations. EY’s regular research and thought leadership informs business leaders, entrepreneurs, organizations, and the public about market trends and developments as well as challenging the status quo to bring deep insights on the regulations.
Alfred Mugume, the Manager Cybersecurity, Data Privacy and trusted Technology at EY presented the key highlights from the survey stating that the report specifically raises awareness of the 2021 data protection and privacy regulations and serves as a foundation for discussion, inviting stakeholders to delve into the survey’s key highlights.
The launch of this report underscores EY’s commitment to advancing data protection practices and fostering compliance with regulations in Uganda and provides valuable insights into the state of data protection and privacy in Uganda. The survey highlights the need to improve awareness and understanding of data protection regulations among individuals, private sector organizations, and government MDAs in Uganda. This includes enhancing knowledge about compliance requirements and the rights of data subjects.
Furthermore, the report sheds light on the challenges faced by organizations in complying with data protection laws in Uganda including the Data Protection & Privacy Act, 2019 and Data Protection & Privacy Regulations of 2021. These challenges encompass areas such as data breach prevention, cross-border data transfers, and industry specific concerns while stressing the importance of organizations adopting robust data protection strategies. Best practices and recommendations are provided to help organizations establish effective data security measures, manage data breaches, and protect the rights of data subjects.
Ms Stella Alibateese, the National Personal Data Protection Director, commended Ernst & Young for their proactive efforts and emphasized the report’s significance in shaping policy decisions and implementation strategies. With the increasing digitalization of services, data breaches and cybercrime risks, especially in the banking and financial services sector, have heightened. Ms Stella highlighted the importance of sharing the report’s findings with the government, private sector, civil society, and the general public to achieve national data protection and privacy goals.
By providing insights and guidance, EY empowers organizations in protecting sensitive data, mitigating risks, and safeguarding individuals’ privacy. EY aims to contribute to the ongoing conversion surrounding data protection and provide a foundation for decision-making, empowering individuals, organizations, and policymakers to take concrete steps towards safeguarding data privacy rights in the digital era.