Assessment of Compliance With data Protection and Privacy Regulations in the Nigeria Healthcare Sector

Authors: K.C. Anyanwu, U.M. Mbanaso, T.K. Anyachebelu, S.E. Chaku

Affiliation: Centre for Cyberspace Studies, Nasarawa State University, Keffi, Nigeria

Corresponding Author: [email protected]

December 31, 2025

SIAR-Global Journal of Computer, Information & Library Science

DOI: 10.5281/zenodo.18366123

Assessment of Compliance With data Protection and Privacy Regulations in the Nigeria Healthcare Sector
Research Article Multidisciplinary

Abstract

Digitalization in healthcare has expanded the collection, storage, and sharing of patient information, thereby increasing exposure to privacy and data protection risks. In Nigeria, compliance expectations for personal data processing in healthcare are shaped by an evolving regulatory framework, anchored on the Nigeria Data Protection Act (NDPA) 2023 and implementation guidance under the General Application and Implementation Directive (GAID) 2025, alongside sector-specific confidentiality obligations. This study examined awareness levels and reported compliance-related practices in four selected Nigerian healthcare facilities. A cross-sectional quantitative survey was conducted using a structured questionnaire administered to 100 participants comprising patients and healthcare staff. Thirty-eight (38) valid responses were analyzed using descriptive statistical techniques. Spearman’s rank correlation was applied as an exploratory test of association for selected ordinal indicators based on complete-case data. Findings revealed uneven awareness of data protection regulations among respondents (n=38), with 37% reporting full awareness and 13% reporting no awareness. Reported safeguards for protecting personal data during storage and transfer (valid n=14) were mainly limited to secure networks (29%) and encryption (21%); several controls, including audit trails/logging, secure disposal, data retention policies, and vendor or third-party security practices, were not identified by respondents. Among healthcare workers only (n=19), 37% reported being unaware of any incident response plan for data breach events. Key perceived barriers to compliance (valid n=17) included lack of awareness (71%), insufficient resources (53%), rapid technological change (47%), and third-party risks (41.1%). Exploratory correlations based on complete cases (n=11) indicated a positive association between monitoring and adherence (ρ=0.656) and a weak negative association between awareness activities and adherence (ρ=−0.244). 

Keywords

Data Protection; Data Privacy; Personal Data; Patient Data; Nigeria Data Protection Act (NDPA) 2023; General Application and Implementation Directive (GAID) 2025; Healthcare; Compliance.

Full Article

 Download Full Article (PDF)

How to Cite

K.C. Anyanwu, U.M. Mbanaso, T.K. Anyachebelu, S.E. Chaku (2025). Assessment of Compliance With data Protection and Privacy Regulations in the Nigeria Healthcare Sector. SIAR-Global Journal of Computer, Information & Library Science, Vol. 1, No. 1. DOI: 10.5281/zenodo.18366123

Share This Article

Facebook LinkedIn

Article Information

  • Type: Research Article
  • Journal: SIAR-Global Journal of Computer, Information & Library Science
  • Subject Area: Multidisciplinary
  • Published: December 31, 2025
  • Volume: 1
  • Issue: 1
  • Word Count: Not specified
  • DOI: 10.5281/zenodo.18366123
  • Processing Fee: $35.00 USD

Related Articles

Archive Preservation and Indigenous Knowledge Access in Public …
Terwase, Victoria Member (Ph.D) & Audu et al.
Organizational Governance and Commercial Viability of Deposit Money …
DR. IHENYEN Joel Confidence; KIERIAMA Diepreye Sam; PEDRICK Azibakalegiri Maten

About This Journal

SIAR-Global Journal of Computer, Information & Library Science

The SIAR-Global Journal of Computer, Information & Library Science (GJCILS) is an official publication of the Society of Innovative Academic …

View Journal Submit to Journal