Reflecting on the purposes of a data protection compliance organisation
Michael Irene is a data and information governance practitioner based in London, United Kingdom. He is also a Fellow of Higher Education Academy, UK, and can be reached via moshoke@yahoo.com; twitter: @moshoke
It is interesting to reflect on the purposes of a Nigerian Data Protection Compliance Organisation(DPCO), and in particular what value it can offer in exchange for a company’s hard-earned cash. If asked I would argue that the data protection compliance organisation’s key value is that they provide pragmatic change model for companies in the management of data.
Let me expand on this — first the notion of pragmatic does not mean complexity. It means simplifying business processes to align with the new Nigerian Data Protection Regulation and services presented in a way that is hopefully, effortless, undemanding and accessible. For me this notion of accessibility is key because many technicalities are embedded in the data protection regulations in Nigeria and across the world.
As DPCOs, the process of working with companies to ensure that they are doing right with data in their possession is pertinent in building a safer Nigerian business environment that could lead to an increase in international investment and more importantly, that could lead to safeguarding the freedom and rights of customers.
Second is the idea of change model. There are many inspiring models out there that any company can use to further enhance their data privacy frameworks. But the trouble is that some of the frameworks used are often obsolete and complicated to pull out when needed. Typically when a company is in a conundrum about their management of data, they usually fall back into these complicated frameworks to crawl into a safe space. However, these quick fixes open the company’s processes to more uncanny realities. That’s why a DPCO can come in to help unpack the complexities embedded in the marriage between data protection regulations and business processes.
The final point is to highlight is this notion of compliance organisations. As a compliance organisation, it is imperative that every work carried out must place value over quick gains, excellent delivery over misdirected priorities and fostering the business environment over any other miscellanies. Any mild reflection on history will inform us that in reality collective changes in business process can either make or break a business. The DPCO therefore must, at all times, ensure that delivering excellent service is their mission.
Recently, our company, Mirene Global Consults, was issued the Data Protection Compliance Organisation licence. That means, we too, must ensure to deliver value and ensure that we impress upon companies an excellent approach towards building a sustainable data management scheme. We are driven by a basic mission: to help companies build processes that comply with various data protection regulations. Our management techniques, project planning system and quality control procedure represents top-notch standards.
I am glad that there are enough data protection compliance organisations in Nigeria. It is a sign that there are many privacy professionals willing to assist Nigerian companies build reputable business processes that are globally accepted. Although competition might rare its head among data protection compliance organisations, but the best approach would be collaborating to build a holistic environment that can create new business and help existing businesses excel in their service or product offerings.