DATA GOVERNANCE
“Having a robust Data Governance Framework to ensure data is shared, available and accessed in a secured manner.”
Draft Data on Data Governance Policy
Media Release on Data Governance Policy Summary of Changes and Data Protection
Governance and Data Protection Policy 2023
Data Governance is the process of establishing and maintaining control over the collection, storage and use of data within an organization.
The National Data Governance and Protection Policy provides a framework for the responsible use, management, and governance of data across public and private sectors in Papua New Guinea. The policy aims to mitigate risks associated with the increased use of data, including data breaches and misuse, by providing clear guidelines on how data should be collected, stored, processed, and used.
This policy represents a significant milestone in Papua New Guinea’s efforts toward digital transformation, and more importantly, the protection of personal data and privacy rights of its citizens. As the world becomes more digitized, data has become an asset and is fundamental to the economic, social, and political development of the country. However, with the increased use of data comes the risk of data breaches and misuse, which can have significant consequences for individuals and society.
The policy aims to promote a digital ecosystem that is secure, trustworthy, and respects the rights of the people of Papua New Guinea. The policy outlines the key principles of data governance and protection, including the need for transparency, accountability, and respect for privacy rights. It establishes the roles and responsibilities of stakeholders in the data ecosystem, including data controllers, data processors, and data subjects, and outlines the procedures for handling personal and sensitive data.
The policy establishes the legal framework for data protection and governance, which includes the principles of data minimization, purpose limitation, and data accuracy. The policy also recognizes the importance of cross-border data flows and provides for adequate safeguards to ensure that the transfer of data is done in accordance with international standards.
The policy recognizes the importance of promoting data literacy and building capacity in data management, and provides guidance on data ethics and security measures to ensure the protection of personal data. It also outlines the procedures for handling data breaches and the consequences of non-compliance with the policy.
This policy applies to all data controllers, processors, and handlers, both in the public and private sectors, that collect, store, process, and use personal data. It also sets out the roles and responsibilities of different stakeholders in ensuring compliance with the policy.
Overall, the National Data Governance and Protection Policy is a crucial step toward building a digital ecosystem that is secure, trustworthy, and respects the rights of the people of Papua New Guinea.
For more information contact jessy.sekere@ict.gov.pg or lillian.smith@ict.gov.pg