Stakeholder consultation workshop on data protection regulations

The Kenya Data Protection Act, 2019 was enacted on the 25th November 2019 and is currently the Law on all matters that deal with Data privacy and protection.

The office of the Data protection commissioner has been drafting regulations regarding access and processing personal information, specifically about organizations that may want that information to actualize responses to, and research on, the pandemic, including data requests by innovators and researchers, to give effect to the right to privacy as it relates to the protection of personal information among other regulations. The regulations are:

Data Protection (General) Regulations, 2021
These regulations set out the procedures for enforcement of the rights of the data subjects as well as elaborating on the duties and obligations of Data Controllers and Data Processors.


Data Protection (Compliance and Enforcement) Regulations, 2021
These regulations outline the compliance and enforcement provisions for Data Commissioner, Data Controllers and Data Processors. 

Data Protection (Registration of Data Controllers and Data Processors) Regulations, 2021
These regulations define the procedure that will be adopted by the Office of the Data Protection Commissioner in registering Data Controllers and Data Processors as per the Data Protection Act.

The office of the Data protection commissioner is currently in the public participation phase and is inviting comments from the general public. To this end, the comments from the University community are being collected here: Click here to give comments

It is an anonymous exercise and no personal data is being collected.

Kindly give your comments by 10th May 2021.