Qatar has potential to become a role model for other GCC nations for data privacy implementation and regulation. Data privacy is important for all businesses operating in Qatar, including Small and Medium Enterprises (SMEs).
In very simple terms, data privacy is about ensuring people can trust organisations to use their data fairly and responsibly, said Nakul Srivastava, Digital Trust, Director PwC Middle East and Phil Mennie, PwC Middle East Partner - Digital Trust. There are mainly four reasons why data privacy is important for businesses.
Firstly Regulation, that is the regulatory bodies across the globe are taking an increasingly tough stance on privacy, imposing heavy fines on breaches for violations of individuals right to privacy.
Recent Ministry and Transport and Communications (MoTC) guidelines on data privacy have provisions of similar fines. Secondly, competitive advantage that is organisations in Qatar are finding efficient and economical ways to run their businesses which involve transferring data outside of their jurisdictions and are using data analytics to create new revenue streams. Strong data privacy could support competitive position.
Thirdly, trust that is organisations need new mechanisms to build consumer trust and confidence as they address emerging challenges in business, risk management, and compliance. Data privacy is a potent tool to build customer trust.
And fourthly, interconnected world as the traditional ways of doing business are no longer valid in an increasingly interconnected world, with people and information being spread across multiple countries. Strong data privacy processes lubricate data flow.
The experts pointed that according to the feedback received in the recent webcast poll questions around awareness of the new guidelines have been encouraging. There are a set of organisations who have done a lot of work in data privacy; however, a handful of organisations are some yet to start their journey.
“However, we strongly feel that this is going to change very soon with efforts from all the parties involved. Qatar has potential to be a role model for other GCC nations for data privacy implementation and regulation,” they added.
Considering PwC’s recent webcast, the experts discussed MoTC’s role as regulator in data protection. Compliance and Data Protection (CDP) within MoTC, oversees Law No. 13; the Personal Data Privacy Protection Law (PDPPL) and therefore regulates data privacy in Qatar.
It offers advice and guidance, promotes good practice, carries out audits and advisory visits, considers complaints, monitors compliance and supports enforcement action, where appropriate. Qatar implemented Law No. (13) of 2016 (the Personal Data Privacy Protection Law) to protect the privacy of individuals’ personal data. With this, Qatar became the first Gulf Cooperation Council (GCC) member state to issue a personal data protection law.
The experts said, “Most recently, the regulator, MoTC in Qatar issued a set of guidelines to support organisations in understanding their obligations under the Personal Data Privacy Protection Law and to help achieve compliance with the Law.
With this enhanced focus on data protection from the regulator, it is more important than ever, to prepare your organisation to meet these personal data handling requirements.