Smith, who is the Executive Director of Tand Y Information Management Services Ltd., said this at the NDPR Awareness Seminar held on Thursday in Lagos.
According to him, NDPR is a set of rules about how an organisation should process the personal data of individuals.
“Prior to approval of the NDPR by the National Information Technology Development Agency there was no unified regulation or law that provides for protection of individuals rights.
“With this in place and its proper implementation, it will attract investors, create employment, increase Gross Domestic Product, create positive image and boost digital economy in the country,” Smith said.
He said that the implementation of the regulation would further help to foster safe conduct of transactions involving the exchange of personal data, prevent the manipulation of personal data and create public trust, among others.
Smith said that for organisations, the implementation would help to protect its reputation, minimise security incidences, retain existing customers and attract new ones, improve data governance and better data security.
He added that for an individual, the implementation would enable them to know their data that was being collected and used by a company and for what reason, have the right to demand why their data was transferred to another source.
He said that there was exception to NDPR, pointing out it does not apply to the processing of personal data for national security activities or law enforcement.
He said there would be an administrative redress panel where people could seek redress in the event of a breach.
“Smith said: “For non-compliance and penalty for default, one may not only pay fine but can also go to jail.
“In the case of data controller with more than 10,000 data subjects, fine payment is two per cent of annual gross revenue of the preceding year or payment of N10million.
“For less than 10,000, one per cent of annual gross revenue of the preceding year or N2million is paid.”