Training & Awareness

Bespoke Awareness Training refers to customized data protection training sessions tailored to meet the specific needs of institutions, industries, or organizations. This training addresses sector-specific data protection challenges, operational workflows, and compliance requirements.

Key Features:

• Customization: Content is adapted to suit the specific needs of the requesting institution.
• Target Audience: Institutions, businesses, and organizations from various sectors.
• Delivery: In-person, virtual, or hybrid format.
• Focus Areas: Compliance with the Data Protection Act 843, data processing best practices, and industry-specific scenarios.

Relevance to Data Protection Act 843: Section 28 of the Act requires data controllers to implement organisational measures to ensure their employees are aware and appreciate the need to respect and uphold the privacy rights of individuals within their respective roles or departments and comply with the obligations required in the Act. The bespoke training ensures these obligations are met according to the organisation’s specific needs.

Read More

The Free Awareness Training is a public initiative designed to increase the general understanding of data protection principles among individuals, small businesses, and the general public. It promotes privacy rights and responsible data handling practices.

Key Features:

• Cost: Free for participants.
• Delivery: Delivered through webinars, community events, or public sessions.
• Audience: Open to the general public, Data Controllers/processors.
• Focus Areas: General overview of data protection principles, rights of data subjects, and duties of data controllers.

Relevance to Data Protection Act 843: This aligns with the DPC’s mandate to promote awareness of data protection rights and obligations as outlined in Section 2(b) of the Act, which emphasizes the importance of education and awareness creation.

The CDPS Training is a specialized program designed to equip individuals with the knowledge and skills required to serve as Certified Data Protection Supervisors (CDPS) within their organizations. This training focuses on the practical application of data protection principles.

Key Features:

• Certification: Participants become Certified Data Protection Supervisors (CDPS).
• Target Audience: Individuals who wish to become internal data protection leads or supervisors within their organisations.
• Delivery: Structured classroom sessions or virtual sessions.
• Focus Areas: Data Protection Act 843, rights and obligations under the Act, data breach response, and compliance monitoring.

Relevance to Data Protection Act 843: Section 58 of the Act requires data controllers to designate persons to ensure compliance with data protection rules. The CDPS training provides the skills and knowledge necessary to fulfil this requirement.

Read More

The Train-the-Trainer Program is designed for individuals who wish to become facilitators of data protection training within their institutions, industries, or the broader community. Participants are trained to deliver data protection awareness training.

Key Features:

• Capacity Building: Empowers participants to serve as trainers within their own organizations.
• Audience: HR professionals, learning and development officers, and internal compliance trainers.
• Delivery: In-person or virtual training.
• Focus Areas: Data Protection Act 843 principles, adult learning methods, facilitation skills, and knowledge transfer techniques.

Relevance to Data Protection Act 843: This training supports organizations in embedding a culture of data protection awareness within their operations, fulfilling their obligations under Section 50 of the Act to ensure employees understand and adhere to data protection principles.

Accreditation is the formal process by which the Data Protection Commission (DPC) approves and certifies third-party institutions, trainers, and consultants to deliver official data protection training in accordance with the Data Protection Act 843, Act 2012.

The purpose of accreditation is to ensure that training providers meet the required standards of quality, competence, and alignment with the DPC’s regulatory framework. Accredited training providers are listed as Certified Training Institutions by the DPC.

Accreditation Process

a) Application Submission:

• Applicants (institutions or individuals) seeking accreditation must complete the DPC’s Accreditation Application Form and provide supporting documents, including company registration details, CVs of trainers, and training materials and any other documentation that will be requested by the Commission in a request for applications.
• Payment of Application Fee: Applicants are required to pay a non-refundable application fee as part of the submission process. Proof of payment must be attached to the application.

b) Eligibility Criteria:

To be eligible for accreditation, applicants must meet the following criteria:

• Good Standing: The institution must be in good standing with the Data Protection Commission.
• Certified Staff: The institution must have at least two (2) trained and certified Data Protection Supervisors (CDPS).
• Train-the-Trainer Course: The applicant must have their training team successfully complete the Train-the-Trainer Certification from the Data Protection Commission.

c) Review and Assessment:

• The DPC evaluates the applicant’s training materials, content, trainers, and methodology to ensure alignment with the Data Protection Act 843.
• Training content is reviewed to ensure it is up-to-date and relevant to the Ghanaian data protection framework.

d) Presentation to the DPC:

• The applicant must deliver a presentation to the DPC to demonstrate their capacity to deliver training in alignment with the Commission’s standards.
• This presentation allows the DPC to assess the applicant’s communication, training delivery skills, and understanding of data protection principles.

e) Approval and Certification:

• Successful applicants are issued a Certificate of Accreditation, which authorizes them to deliver DPC-approved data protection training programs.
• Payment of Accreditation Fee: An accreditation fee must be paid upon approval before the issuance of the Certificate of Accreditation.

f) Ongoing Monitoring and Compliance:

• Accredited Institutions are subject to periodic monitoring and re-assessment to ensure they continue to meet DPC standards.
• Non-compliance may result in the withdrawal or suspension of accreditation.

Key Features of Accreditation

• Recognition: Accredited training providers are officially recognized by the DPC and listed on its official website.
• Compliance: Ensures that training providers follow the DPC’s guidelines and standards.
• Credibility: Enhances the legitimacy of the training provider in the eyes of clients and stakeholders.
• Ongoing Review: Accredited providers are subject to continuous review and periodic reassessment to maintain certification.

Accreditation fees are payable at two key stages of the process:

    i. Application Fee

    ii. Annual Operational Fee

Note: Fees are non-refundable, and payment receipts must be submitted as proof of payment at each stage.

Relevance to Data Protection Act 843: Accreditation supports the enforcement of the Data Protection Act 843, specifically the duty of the Commission to “promote the development of data protection compliance programmes” as outlined in Section 2(d). By ensuring that training providers meet a consistent standard, the DPC promotes high-quality, compliant training delivery.