The Nigeria Data Protection Commission (NDPC) has announced ongoing investigations into global digital platforms, including Truecaller and TikTok, for how they handle Nigerian citizens’ personal data.
During a working visit to the Coordinating Minister of Health and Social Welfare, Professor Muhammad Ali Pate, in Abuja, Dr. Vincent Olatunji — the National Commissioner and CEO of the NDPC — revealed this. The visit focused on strengthening data protection strategies in Nigeria’s healthcare system.
Dr. Olatunji emphasized that under the Nigeria Data Protection Act (NDP Act) 2023, any organization that processes Nigerian citizens’ data falls within the law’s scope. This includes both local and international entities.
“If you reside in Nigeria and process Nigerian data, you are within scope. Even if you are outside Nigeria, once you process the data of Nigerians, you are within scope — and that’s why we are currently investigating global platforms like Truecaller and TikTok,” he stated.
The Act requires organizations to follow strict rules for cross-border data transfers. Data can only be sent outside Nigeria if the receiving country offers a comparable level of privacy protection.
Strengthening Data Protection in Healthcare
The visit also marked the launch of a strategic partnership between the NDPC and the Federal Ministry of Health and Social Welfare. The goal is to improve data privacy safeguards in the healthcare sector. According to NDPC Spokesperson Itunu Dosekun, the collaboration supports the broader priorities of President Bola Tinubu’s administration and addresses growing concerns about patient data protection.
Dr. Olatunji gave an overview of the Commission’s mandate. He highlighted the urgent need to protect personal health data in today’s digital world.
“This sector is generally sensitive, and the kind of information collected — such as medical records — could be misused to discriminate, misdiagnose, or even cause loss of life if not properly secured,” he warned.
He explained that every online activity leaves a “digital blueprint.” This makes it essential to apply strict data security measures in hospitals, HMOs, and other health-related organizations.
In response, Minister Pate acknowledged the huge amount of data collected in the health sector. He stressed the ministry’s commitment to protecting it.
“The health sector is a unique sector. We collect extensive data — from personal health details to demographic statistics — across all our facilities,” he said.
Pate welcomed the NDPC’s efforts and promised full cooperation. He also pledged to ensure data compliance across the ministry’s 107 affiliated health institutions.