The Data Protection Bill, 2012
Access to information.
12. (1) Where an agency keeps personal information or where an
individual believes that an agency is keeping personal information
regarding him or her, in such a way that it can readily be retrieved,
the data subject shall be entitled—
(a) to obtain from the agency confirmation of whether or
not the agency holds such personal information; and
(b) to have access to that information.
(2) Subsection (1) does not apply to information that is
exempted from access under the law relating to access to
information.
(3) The procedure for a request for access to information under
subsection (1) shall be as provided under the law relating to access
to information.
Correction of
information.
13. (1) Pursuant to Article 35 (2) of the Constitution, where a
person holds personal information, the data subject shall be entitled
to request correction or deletion of untrue or misleading
information.
(2) A person who holds personal information shall, if so requested
by the data subject or on his or her own initiative, take steps to
correct, or delete untrue or misleading information.
(3) A denial of a request made under subsection (1) shall be in
writing disclosing the grounds for the denial of the request.
(4) A request for correction may be denied on the basis that the
request does not amount to a correction.
(5) Where an agency that holds personal information denies a
request by the data subject to correct, or delete untrue or
misleading, information, the agency shall, if so requested by the
data subject, attach to the information that it holds, in such a
manner that it will be read with the information that it holds, a
statement provided by the data subject making the request.
(6) Where the agency has taken steps under subsection (5), the
agency shall, if reasonably practicable, inform each person or body
or agency to whom the personal information has been disclosed of
11