Hospital Managers at the 2017 Retreat of the National Catholic Health Service have been sensitized on the Data Protection Law.

The Data Protection Law, Act 2012 (Act 843) was promulgated by the government to  protect the privacy of the individual and personal data by regulating the processing of personal information to provide the process to obtain, hold, use; or disclose personal information and for related matters.

 Per the law, Data means information which:

1. is processed by means of equipment operating automatically in response to instructions given for that purpose (e.g. computer & software);
2. is recorded with the intention that it should be processed by means of such equipment;
3. is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system; or
4. Does not fall within any of the above but forms part of an accessible record.

Data collected must be for a specific purpose and related to functions or activity of the Collector. Data subject must be aware of the purpose of data collection and also Data collected must not be retained for a period longer than is necessary to achieve the purpose for which it was collected unless required by law; or subject consents or by virtue of contract between collector and subject.

Some private and public institutions including health facilities in the country have been charged with violation of the new law after visits by the task force of the Data Protection Commission.

According to the Director of Health at the National Catholic Health Service, George A. Adjei, Esq, there could not have been any appropriate time for the sensitization on this law since health workers are custodians of vital data of patients and clients.

Mr. Adjei, who was also the facilitator for the session, admonished all hospital managers to ensure they register their facilities with the Data Protection Commission.

Registration with the Commission attracts a fee range between GHC 100.00 (small institutions), GHC 750.00 (medium-size institutions), and GHC 1,500.00 (large institutions).

The 10-digit institutional TIN (Ghana Revenue Authority) is required to register. Payment is done only through an E-Collect platform (no bank account needed) either by cash or cheque at any ECOBANK branch. Certificate of registration is issued within two weeks or more or less.

Certificate of Registration is issued for a two-year duration and it is renewable.  Registration is done online:             https://www.dataprotection.org.gh/. It takes about 30 minutes to register/