Select Page

2022 UAE Data Protection Law. Steps to success.

MPI Learning Blog

UAE Data Protection Law

 

A new range of legal reforms has recently been introduced to the UAE. Namely the UAE federal Decree-law No 45 regarding Personal Data Protection.

The EU went through similar changes back in 2018 with the implementation of “GDPR” and if any lessons can be learnt from that, this is something that requires careful planning and preparation to avoid any issues, challenges or potential fines come the day they go live.

I have taken the opportunity to highlight some of the items that all companies will need to consider when working their way through the list of requirements that need to be completed ahead of deadline day come November 2022.

The aim of the law is to ensure that all data is kept safe, secure and held in a transparent and accurate manner.

Data Subjects – you the customer now will have much greater control and say in how your data is managed, and shared.

There must be specific reasons why your data is held and for what purpose and for how long.

Listed below are some tips/suggestions to help Companies in their planning for this Legal Degree.

Not exhaustive by any means however will start you thinking that this is something that requires a lot of thought and careful and strategic planning to ensure success and preparedness come live day.

UAE Data Protection Law

DPIA – Data Protection Impact Assessment

This will be required to commence any workstream ahead of any project. The aim of the DPIA is to perform a health check against current state v desired state in terms of what you need to complete to be compliant.

DPO – Data Protection Officer

A new and vital role going forwards this or these people will ensure strict compliance with the laws and will be a point of contact for the company with the Supervisory Authority.

These people can be an existing employee, or this can be outsourced to a third party. Reporting line must be to the senior levels within the organisation and the roles impartiality is paramount.

The recruitment for this role will be a clear signal to the regulator that you are giving data Protection the level of focus that is required.

WORKSTREAMS – CULTURAL CHANGE

This will require the highest levels of support from the Board, cascading throughout the organisation
A working group will need to be established to cover Personal data audits, Gap Analysis, Project management parameters, and to ensure all key stakeholders are ready for the cultural change that is coming.

TRAINING & AWARENESS

There are various programmes that will benefit companies as early in the process as possible.

Training for all staff is a must from awareness of what is required to more specific and technical areas such as the DPO role and Processing and controlling functions that will be required.

Add this to your HR budgets for 2022 now. Training will become an ongoing part of your training budgets going forwards.

NOT JUST THE UAE

The Protection law also expects you to have clear governance about how you manage data to outside countries. Therefore, if your organisation manages clients multi country this will need to be evidenced just as it will be for UAE residents.

SANDS OF TIME

The timelines are incredibly tight when all that is required is considered.

With further changes will come later this year with regards to possible enforcement actions for non-compliance there is no time to waste in starting the work.

The EU legislation imposed heavy fines for non-compliance and we must assume that similar penalties may come into effect in the UAE, this is to be confirmed around March /April time.

For more information on the support we provide around Data Protection click here.

More news from MPI Learning

2022 UAE Data Protection Law. Steps to success.
Blog
20/01/2022
A new range of legal reforms has recently been introduced to the UAE. Namely the UAE federal Decree-law No 45 regrading Personal Data Protection.
The Evolution of MPI
News
22/10/2021
As we head into our 13th year of business, we feel it is time for a refresh and a change as the current brand doesn’t quite represent who we are now as a business.
Our new office location, 44 - 46 Forest Road
News
01/04/2021
MPI has moved into a new office located at 44-46 Forest Rd, Loughborough, LE113NP.
Virtual learning it's place in the future of learning strategy
Blog
10/02/2021
After the challenges of 2020, we can now reflect on the year behind us and begin to assess what is going to stay or go from its impact and our experience?

If you would like to know more please get in touch

=