Nigerian companies are likely to be negatively impacted by the European Union’s (EU) General Data Protection (GDPR) if adequate sensitisation is not carried out, data experts say.
Experts at Hitachi Vantara, a data storage system provider, say Nigeria must abide by the directives of the GDPR law since it hosts data of different nationals and does business with citizens from other countries, including countries in the EU.
Speaking during a collaborative event with Allied Computers, organised to provide insights to organisations, chief risk officers and compliance officers in Lagos recently, Manfred Gramlich, director, data intelligence, Hitachi Vantara, states there is an increasing need for Nigerian companies dealing with EU to understand the impact breaching the GDPR can have on their businesses.
“Hitachi can help Nigerian businesses in their journey to GDPR and other regulations compliance requirements by providing an end-to-end solution for anything related to GDPR to ensure companies are not penalised,” Gramlich says.
He urges chief executive officers to have clear understanding of those regulations to prevent data breaches, which can have adverse effect on their companies and reputation.
Akinwale Awosokanre, regional managing director, Hitachi West Africa, also reinforces the position of Gramlich, saying anybody that does business anywhere in the world with EU entities, companies and keeps record of data concerning those entities are affected by the GDPR, irrespective of whether they are in the EU or in Nigeria. He says organisations should govern and manage data properly and also ensure that data are released to the right people.
“Hitachi has been involved in doing this in order countries and felt the need to bring it home and localise it,” Awosokanre says.
Also speaking, Olatunji Kehinde, general manager, Allied Computers, says they understand that it could be explosive if a company runs foul of the regulations.
“We discovered that a lot of people don’t understand the regulation and how to go about compliance. So, this event explained the process of getting compliance, the tools and technology needed to achieve it. If you have a foreign partnership deal with EU-based company or with an EU citizen, then you are affected, whether airline, bank, or card payment service provider.
“So, every Nigerian company is advised to comply. However, the best way to understand compliance is to approach Hitachi and Allied Computers who can help build a compliant solution that is required to navigate the intricacies of the regulation,” Kehinde notes.
Meanwhile, speaking from legal point of view, Kunle Ajagbe, a barrister with Aidan Partners, says, “What Nigerian companies who have any business with EU or EU citizens must do is to comply, upgrade their standard of operation, and ensure privacy of data that has been shared with them. That is the only way to avoid the breach and penalty attached to the operations of the GDPR.”
The GDPR standardises data protection law across all 28 EU countries and imposes strict new rules on controlling and processing personally identifiable information (PII) of all its citizens across the world. GDPR replaces the 1995 EU Data Protection Directive, and went into force on May 25, 2018.
