FAQ

Frequently Asked Questions

How can Silham Consulting & Training Services help my organisation with regard to the Data Protection Act of 2021?

Silham Consulting & Training Services is the leading firm in data protection and privacy practice in Zambia. Silham has assembled a team of consultants who are experts in the legal and technical aspects of data protection and privacy practice. Silham will help you understand your current state of compliance, your compliance requirements and the associated risks, and will then assign appropriate resources to help you get on the road towards compliance and address the identified risks, either as a one-off assignment or as part of a longstanding working arrangement.

The Zambian Data Protection Act No. 3 of 2021 requires every organisation that collects and processes personal data to appoint a Data Protection Officer (DPO). Although the Data Protection Commission has yet to issue further guidelines on which categories of organisation will be required to appoint a DPO, it is advisable and best practice for any organisation, big or small, to have DPO services, whether internal or external, in order to enhance its compliance with data protection laws. At Silham, we offer Outsourced (External) Data Protection Officer services that quickly help set an organisation on the compliance journey by tapping into expertise that is already available, rather than having to build it over a period of time.

In order to be effective in his or her role, a DPO should have the following competencies:

  • Knowledge of data protection laws and practices
  • Knowledge of the organisation's mission and core activities
  • Knowledge of the information systems and data protection needs of the organisation
  • Knowledge of the business sector and the organisation
  • Ability to work with data subjects and the organisation's employees
  • Ability to foster a culture of data protection within the organisation
  • Expertise in the technical requirements of data protection by design and by default
  • Knowledge of ISMS and PIMS and the corresponding ISO Standards 27001, 27701 and 29100, which enhances the performance of a DPO

To be able to acquire the knowledge and skills listed above, it is advisable to get certification for DPO practice. At Silham, we offer the following certifications:

  • Local: Introduction to DPO Practice -- Silham
  • International: PECB GDPR CDPO -- Offered by Silham on behalf of PECB of Canada

The guidelines for the appointment of a DPO by Controllers/Processors have not yet been issued by the Data Protection Commissioner as provided for in the Data Protection Act of 2021. However, the GDPR, on which the Zambian Data Protection Act of 2021 is modelled, does not advise appointing an employee as DPO when they hold another role or position whose duties would be in direct conflict with the role or duties of a DPO. Our expectation is that the guidelines to be issued by the Data Protection Commissioner will be in line with this best practice standard set by the GDPR. It is therefore our considered view that any employee directly involved in determining how data needs to be processed (such as those in management), or directly involved in the processing of data, should not be appointed as DPO for as long as they hold that position or role. The DPO should remain independent within the organisation in order to perform the role effectively and professionally, without undue interference from the organisation's hierarchy.

The PECB GDPR CDPO qualification is a certification in data protection practice offered by an ISO Certified Canadian training organisation called the Professional Evaluation and Certification Board, PECB for short. PECB offers, among many programmes, the internationally known qualification called Certified Data Protection Officer (CDPO), based on the European data protection regulatory framework, the General Data Protection Regulation (GDPR). Silham Consulting and Training Services has partnered with PECB to offer this course in Africa and the Middle East on behalf of PECB. Silham has within its ranks qualified trainers to offer this highly sought-after professional certification in data protection.

The Introduction to Data Protection Officer (IDPO) Practice programme is a locally promoted professional certification in data protection, developed and offered exclusively by Silham Consulting and Training Services. It is targeted at practising DPOs and those intending to work as DPOs in Zambia who do not have any certification in data protection. It is based on the Zambian Data Protection Act of 2021, while drawing some lessons from the GDPR. The knowledge and skills acquired from this programme enable one to function effectively as a DPO in Zambia, providing effective advice to controllers and processors as they embark on the compliance journey and ensuring continuous compliance with the relevant provisions of the data protection laws and regulations. The curriculum also draws on global best practices in data protection, making the IDPO Practice course quite competitive in terms of content and pricing. The IDPO Practice course offers an opportunity to Zambian professionals who wish to practise data protection in Zambia as DPOs but may not have the financial resources to pay for the more financially demanding international qualifications. Silham issues a certificate upon successful completion of the programme.

Silham provides a wide range of consultancy services meant to address the specific compliance issues that an organisation faces. Leveraging the expertise of the consultants Silham has assembled, we are able to identify gaps in an organisation's compliance level, provide actionable solutions to close the identified gaps, and set the organisation on the path to full compliance with the applicable data protection laws. Consultancy services include Compliance Gap Analysis, Data Mapping, Data Protection Impact Assessment, Records of Processing Activities Framework, Data Protection Policies Review and Development, etc.