NIA Issues New Guidelines on Personal Data Security and Retention

The National Identification Authority (NIA) has rolled out new guidelines governing the security, storage, and retention of personal information accessed from the National Identity Register (NIR), effective Thursday, March 19, 2026.

The directive, issued in line with Sections 59 and 61 of the National Identity Register Act, 2008 (Act 750), as amended by Act 950 (2017), provides a clear framework for user agencies on how to manage personal data obtained from the NIR.

According to the NIA, the guidelines are intended to strengthen data protection practices among institutions that rely on the national database for administrative purposes. They also prescribe specific retention periods for personal data to ensure it is not kept longer than necessary.

The Authority emphasized that the move is aimed at enhancing accountability and safeguarding sensitive personal information against misuse or unauthorized access.

Among the key objectives of the guidelines are ensuring that personal data is securely stored, promoting responsible data management practices, reducing the risk of data breaches, and ensuring compliance with Ghanaian laws as well as international data protection standards.

The NIA noted that all user agencies are expected to adhere strictly to the new directives as part of efforts to protect the integrity of the National Identity Register and maintain public trust in Ghana’s identification system.