Data protection: considerations for effective corporate governance

Company directors play a significant role in ensuring compliance with privacy and data protection laws. This includes establishing a governance framework for privacy and data protection, monitoring compliance, training staff, prioritising data security, carrying out risk assessments, and being responsive to data breaches. Under laws such as the Companies and Allied Matters Act 2020 and Nigeria Data Protection Act 2023, directors have a duty of care and skill, and may face personal liability if they misuse corporate information or neglect their responsibilities. Therefore, prioritising data protection is critical.