The DIFC Data Protection Law (DIFC Law No. 5 of 2020) has been effective since 1 July 2020 and enforceable as of 1 October 2020. The DIFC law aims to safeguard the personal data of individuals whose data is processed by DIFC registered entities. It is heavily influenced by the EU General Data Protection Regulation (GDPR) as well as other world-class data protection laws.
Some of the key features of the new law include the clarification of data subjects’ rights, the facilitation of appropriate data sharing structures between governmental authorities, as well as the introduction of a framework that will support the DIFC’s bid for adequacy recognition by the European Commission and the UK, which will enable data transfers from the DIFC to the EU and the UK.
Organisations may be subject to fines for non-compliance.
Assess your ability to comply with the Law
In partnership with DIFC, we have launched a tailored online DIFC data privacy law self-assessment. The self-assessment has been developed in line with PwC’s internationally-established data protection framework, and tailored to the specifics of the DIFC law to enable you to determine your organisation’s maturity against the law’s requirements.
This comprehensive assessment takes you through all key areas of the DIFC data privacy law in detail, and provides you with a bespoke report outlining where your organisation currently stands, and what steps are needed in order to become compliant.
Powered by our Digital Trust Manager: Assess platform, the tool uses business intelligence and data visualisation to help organisations take control of their data privacy risks.
Results dashboard
Clear visuals demonstrate current status versus the target maturity level.
Bespoke recommendations for improvement
Receive bespoke recommendations on how to progress from your current status to your target maturity level.
