Electronic Transactions Act, 2008
Act 772
(b) access to, transfer and control of a critical database,
(c) infrastructural or procedural rules and requirements to secure
the integrity and authenticity of a critical electronic record,
(d) procedures and technological methods to be used in the storage or archiving of a critical database,
(e) accident recovery plans in the event of loss of critical data
bases or parts of the database,
(f) the security of the databases,
(g) the physical safety of a person in control of the critical database, and
(h) any other matter required for the adequate protection, management and control of a critical database.
(2) This Act shall not be construed to limit the right of a public
body to perform an authorised function in terms of any other law.
Restrictions on disclosure of information
60. (1) Information contained in the register of a critical database shall
not be disclosed to another person other than to employees of the Agency
who are responsible for the keeping of the register.
(2) The Agency is at liberty to disclose information to
(a) a law enforcement agency, and
(b) a Ministry, Department or Agency.
(3) Nothing in this law shall preclude the Agency from pleading
in proceedings relating to information held in its custody or records that
production or disclosure of a matter may be prejudicial to the security of
the State or injurious to the public interest in accordance with article 135
of Constitution.
Right of inspection
61. The Minister may cause audits to be carried out by a critical database administrator to evaluate compliance with the provisions of this Act.
Non-compliance with Act
62. (1) The Minister on receipt of the audit report shall consider,
(a) any action recommended to remedy the non-compliance, and
(b) the period within which the remedial action shall be performed.
(2) The Minister shall report the recommendation to the National
Security Council and the Council may take action or give directions that
29