Ghana: Data Protection Act 2012 (Act 843) including data protection regulation entered into force

On 16 October 2012, the Data Protection Act 2012 (Act 843) entered into force. The Act specifies conditions for lawful data processing, including lawfulness of processing, specification of purpose, minimality, consent, compatibility of further processing with the original purpose, quality of information, openness about data collection, implementation of data security safeguards, and ensuring data subject participation. It grants individuals rights, including the right to access personal data, request corrections or deletions of inaccurate or outdated information, object to data processing for direct marketing, prevent processing that may cause unwarranted damage or distress, seek compensation for damages resulting from non-compliance, and the right to prevent automated decision-making based solely on automated processing. Additionally, individuals have the right to rectify, block, erase, or destroy exempt manual data and the right to prevent the processing of special personal data, which includes sensitive information such as a child's data, religious or philosophical beliefs, ethnic origin, race, trade union membership, political opinions, health, sexual life, or criminal behaviour, unless specific exemptions or conditions apply.