- 26 Sep, 2025
- Juliana Nakiwanda
- No comment
Data Protection in M&E – What every evaluator should know
This presentation provides an overview of the Data Protection and Privacy Act, Cap. 97, highlighting the role of the Personal Data Protection Office (PDPO) in regulating compliance, the key data protection principles, and their integration into Monitoring and Evaluation (M&E) work. It emphasizes the importance of protecting the rights of data subjects, outlines common offences under the Act, and shares best practices for evaluators to ensure ethical standards, legal compliance, and credibility in handling personal data.
Brief Bio of the Presenter
Jordan Magala is a legal and compliance professional with expertise in IT, data protection and privacy. Currently, Jordan serves in the compliance and investigations department at the Personal Data Protection Office (PDPO) where he provides legal and regulatory guidance to organizations, conducts compliance audits and inspections, as well as enforcement activities.
Previously, Jordan supported the development of the Data Protection Compliance Toolkit for MSMEs and Fintechs, and contributed to several World Bank Projects aimed at developing guidelines and frameworks for data protection and privacy in Uganda. Jordan contributes to regional data policy through the East African Community Data Protection Technical Working Group.
He holds a Bachelor of Laws Degree from Makerere University and a Post Graduate Diploma in Legal Practice from the Law Development Centre. He has also attained several certifications in data protection and privacy including the Foundations of Privacy and Data Protection from the International Association of Privacy Professionals (IAPP), Data Protection and Privacy from Strathmore University and Council of Europe’s Data Protection and Privacy Rights qualification.
