The Rwandan parliament is yet to ratify of the African Union Convention on cyber security and personal data protection adopted at Malabo, Equatorial Guinea, in 2014, an official source confirmed Wednesday to APA in Kigali.
When the new ratification came into force, Rwanda will become the fifth country to ratify the framework after Senegal, Mauritius, Namibia and Guinea.
While Africa has made major headway in developing its digital ecosystem in the past decade, official estimates say that despite these efforts, there is still an evident gap among African Union (AU) member states in terms of awareness, understanding, knowledge and capacity to deploy and adopt the proper strategies, capabilities and programmes to mitigate cyber threats.
The Rwandan Minister of Information and Communications Technology and Innovation, Paula Ingabire told lawmakers Wednesday in Kigali that the essence of the convention is to pave the way for the implementation of the National Revolution Policy of 2017.
This policy requires the government harmonise laws for protection of individuals with regard to the processing of personal data and privacy, it said.
Equally, it raises privacy concerns and requires the protection of personally identifiable information or other sensitive information collected, stored and used.
Additionally, the policy notes that health information, privacy and protection rules need to be strengthened to protect patients from access of private medical information by insurances and other health business practitioners without complying with universally-recognised data protection principles.
The data protection law would encompass the key principles and other fundamentals.
These include to regulate collecting, processing, storing and sharing of personal data; establish the legal and institutional frameworks to protect personal data.
Other key principles is to establish guidelines and limitation in collecting personal data for a specific, explicit and legitimate purpose.
AU Convention on Cyber Security and Personal Data Protection, was established June, 2014 after widespread ICT access and Internet penetration in Africa has also raised concerns over the need to promote cybersecurity governance and cyber stability across the continent.
The Convention imposes obligations on member states to establish legal, policy and regulatory measures to promote cybersecurity governance and control cybercrime.
CU/as/APA