Data Protection and Privacy Office joins RISA to conduct a government workshop on DPP Law

On 5th May 2023, the Data Protection and Privacy Office joined Rwanda Information Society Authority (RISA) to conduct a 1-day workshop for government institutions on implementation of Rwanda’s personal data protection and privacy law (DPP Law).

The workshop was carried out in line with the end of the DPP Laws transitional period on October 15, 2023, where the DPP Law comes in full force and all entities that process personal data must be compliant.

To provide context on the laws inception, the workshop began with an introduction to the supervisory authority of the DPP Law, the National Cyber Security Authority (NCSA), and its office tasked with spearheading all activities related the DPP Law’s implementation, the Data Protection and Privacy Office.

The workshop then facilitated discussions and question and answer sessions following presentations on the following areas:

• DPP Law Compliance Roadmap for Government Institutions - RISA
• About the Personal Data Protection and Privacy Law – Data Protection and Privacy Office
• Introduction of the Government Enterprise Service Bus - RISA
• Cyber-security Awareness – Rwanda Computer Security Incident Team (Rw-CSIRT)

The areas of discussion were formulated to give participants a holistic set of information to apply to the process of implementing the DPP Law, which requires institutions to apply organizational and technical measures that protect personal data and guarantee the privacy of individuals

Key takeaways

With five months left to the end of the DPP Law transitional period, all institutions are encouraged to be compliant with the personal data protection and privacy law.

To register with the Data Protection and Privacy Office as a Data Controller, Data Processor or both, read our registration guide