These remarks were made by Ms. Patricia Adusei-Poku, Commissioner of the DPC, as part of her statement to mark the end of the 2023 year. Speaking to the media at a press briefing, she reminded institutions of the need to renew their data licenses every two years in accordance with Section 50 of the Data Protection Act (DPA).

Ms. Adusei-Poku noted that from January 9, 2024, the scope of audits and spot checks would include the inspection of displayed valid data registration licenses, organisational measures, efforts towards data protection, and implemented privacy programmes.

She said that the Parliamentary Select Committee had taken a keen interest in the compliance of public sector institutions and would summon negligent leaders. She again urged medium- to large-sized institutions to train Data Protection Supervisors (DPS) with the DPC in order to empower them to carry out their mandate.

The DPC, she said, was scaling up its collaboration with over 75 peer regulators to include industry bodies and associations. The Commissioner again urged data subjects to note that they were empowered by law to report first to their data controllers and escalate unresolved issues to the commission.

In 2024, Ms. Adusei-Poku said the DPC would involve data controllers and the general public in the Global Data Protection Week. She said that they would also publish the names of entities, businesses, and institutions in good standing. She invited all institutions to take advantage of the free webinars organised by the DPC to understand their obligations and issues in relation to data protection.