The Standard

How the transition to SHA has exposed gaps in data governance

By Stephanie Wangari | 1mo ago
Medical Services Principal Secretary Harry Kimtai. [Kanyiri Wahito, Standard]

For months, the government has urged Kenyans to register for the new Social Health Authority (SHA), which is replacing the National Health Insurance Fund (NHIF). 

Despite these efforts, only about 2 million Kenyans had signed up for the new scheme, by the time SHA was officially rolled out on October 1, 2024.

To speed up the transition, the government began automatically migrating NHIF members to SHA without their consent.

A message confirming the automatic migration from NHIF to the new Social Health Authority (SHA). [Screenshot]

The unsolicited migration has since sparked widespread criticism, with many expressing concerns over privacy violations.

"NHIF had very different terms of service compared to SHA. Migrating people without their consent is a clear breach of data privacy and is illegal. This should be common sense," opined X user, Bravin Yuri.

Another user questioned the government's actions: "Is the government forcefully migrating us to SHA? I haven't registered, yet I received this SMS. They might as well finish what they've started and update my profile because I’m not on board with this."

Data governance lawyer James Mbugua, speaking to The Standard, avers that the government has violated privacy laws with the unauthorised migration.

"There is a violation of consent and the right to object to data processing. We haven't entered into any agreement with SHA regarding how our data will be handled, processed, or shared," he said.

In response to the backlash, the Ministry of Health on Thursday, September 3 said that the transition process from NHIF to SHA is lawful. 

“The Ministry has received inquiries regarding the transition of existing NHIF members to SHA. We wish to clarify that legal notice 147 of 2024 allows for the migration of all registered and verifiable NHIF members to SHA,” the statement read. 

“This process ensures continuity of coverage, and members are encouraged to verify and update their profiles, as well as add dependents through our official SHA channels.”

The Law
According to the Data Protection Act of 2019, individuals have the right to control how their personal information is used. 

The law mandates that personal data can only be processed or transferred with informed consent, except in cases where a legal exception applies.

Related Topics

SHIF NHIF SHA Ministry of Health
.

Latest Stories

Rono elected new Kenya Universities Sports Federation boss
Rono elected new Kenya Universities Sports Federation boss
Unique Sports
By Ben Ahenda
33 mins ago
Teach me the secret to marrying many wives, Malulu tells Oparanya
Entertainment
By Benard Lusigi
57 mins ago
Why voters might make Ruto one-term president
Opinion
By David Kipruto
1 hr ago
.

The Standard Insider

Adani: Sly Indian deal maker who excited Kenya's top leadership
By Benjamin Imende 1 hr ago
Adani: Sly Indian deal maker who excited Kenya's top leadership
Why voters might make Ruto one-term president
By David Kipruto 1 hr ago
Why voters might make Ruto one-term president
KNCHR report: State on spot over surge in killings, abductions
By Jacinta Mutura 1 hr ago
KNCHR report: State on spot over surge in killings, abductions
Ruto, Museveni in crosshairs as Besigye is abducted in city
By Fred Kagonye and Noel Nabiswa 21 hrs ago
Ruto, Museveni in crosshairs as Besigye is abducted in city
.

Digger Classified

GET OUR NEWSLETTER

Subscribe to our newsletter and stay updated on the latest developments and special offers!

CONNECT WITH US

FOR THE LATEST JOB ADVERTS

join Digger Classifieds telegram channel
The Standard
© 2024. The Standard Group PLC. All rights reserved