News / National
Potraz certifies 700 data protection officers
5 hrs ago | Views

In a parallel development focused on digital regulation, the Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) has announced that over 700 data protection officers (DPOs) have been certified so far this year, bolstering the country's data governance capacity.
The announcement was made by POTRAZ director-general Dr Gift Machengete during the signing of a Memorandum of Understanding (MoU) with the South African Information Regulator (SAIR) in Harare.
"We certified these data protection officers through a program that we have with a local university and the Harare Institute of Technology. The certificate is respected in the country's education system and cannot be easily replicated," said Dr Machengete.
He added that 570 data controller licences had also been issued to various entities as part of the authority's compliance drive under the Cyber and Data Protection Act.
Under Statutory Instrument 155 of 2024, all entities processing personal data were required to register with POTRAZ by March 12, 2025. The authority said it is focusing on education and engagement rather than penalties to encourage full compliance.
"At the end of the day, what we are interested in is compliance, not fines. We are helping non-compliant organisations understand the importance of protecting data," Dr Machengete said.
Government ministries and departments were praised for their proactive participation, while 45 data breach cases have been recorded so far this year.
As POTRAZ continues to evolve into a "triple regulator" – overseeing telecommunications, postal services, and data protection – Dr Machengete said full regulatory convergence remains the ultimate goal.
"We are still at G3 regulatory maturity. Once we converge broadcasting and telecommunications, we can become a fully efficient G4-level regulator."
The partnership with SAIR is expected to further support Zimbabwe's data protection framework through knowledge sharing and regional cooperation.
The announcement was made by POTRAZ director-general Dr Gift Machengete during the signing of a Memorandum of Understanding (MoU) with the South African Information Regulator (SAIR) in Harare.
"We certified these data protection officers through a program that we have with a local university and the Harare Institute of Technology. The certificate is respected in the country's education system and cannot be easily replicated," said Dr Machengete.
He added that 570 data controller licences had also been issued to various entities as part of the authority's compliance drive under the Cyber and Data Protection Act.
Under Statutory Instrument 155 of 2024, all entities processing personal data were required to register with POTRAZ by March 12, 2025. The authority said it is focusing on education and engagement rather than penalties to encourage full compliance.
"At the end of the day, what we are interested in is compliance, not fines. We are helping non-compliant organisations understand the importance of protecting data," Dr Machengete said.
Government ministries and departments were praised for their proactive participation, while 45 data breach cases have been recorded so far this year.
As POTRAZ continues to evolve into a "triple regulator" – overseeing telecommunications, postal services, and data protection – Dr Machengete said full regulatory convergence remains the ultimate goal.
"We are still at G3 regulatory maturity. Once we converge broadcasting and telecommunications, we can become a fully efficient G4-level regulator."
The partnership with SAIR is expected to further support Zimbabwe's data protection framework through knowledge sharing and regional cooperation.
Source - The Herald