Data protection compliance is a key duty of all organisations, public and private, which handle personal data. As well as the legal and regulatory impact of a serious data protection incident, the harm to trust, brand and reputation can be literally incalculable. The Data Protection Regulation and Privacy Act 2019 created significant new obligations, as well as massively increased financial penalties on data collectors, controllers and processors operating in Uganda

The Data Protection and Privacy Act and the Data Protection and Privacy Regulations came into force on 25th February 2019 and 12th March, 2021 respectively. Consequently, most organizations within the public and private spheres involved in the collection and processing of personal data are now legally required to appoint and train a Data Protection Officer (Section 6 and Regulation 47 of the DPPA and DPPR respectively), who is liable for activities such as tracking compliance, performing internal audits, and directing Data Protection tasks. It does not only highlight the core principle of data protection which is accountability but more importantly, serves as an instrument in cultivating a culture of privacy and compliance in an organization. Together with the top management, a DPO should forefront an organization’s journey toward compliance and accountability in accordance with the DPPA 2019 and the DPPR 2021.

Participants attained an entrenched knowledge of the principles of Data Protection. They were taken through the role of the Data Protection Officer, the rights of data subjects, the challenges DPOs, the DPO’s role regarding data breaches, incident response, and incident recovery were analyzed.

Participants Trained

  • Healthcare Providers20%
  • Insurers20%
  • NGOs and Civil Society30%
  • Others60%


NGOs and Civil Society

Data Protection Training for NGOs and Civil Society

Data Protection Training for Insurers and Healthcare Providers