Popia Compliance

“It takes less time to do a thing right, than it does to explain why you did it wrong.”

-Henry Wadsworth Longfellow

We regularly consult with business owners who, when considering their POPIA compliance responsibilities, react thereto in love-hate terms. On the one hand, there is a positive response where compliance is constructively applied to the business’ own day-to-day procedures and management. On the other hand, it appears less rosy where it is presented as a must-do red tape exercise, with a government-imposed threat of financially damaging penalties for non-compliance.

Fortunately, compliance with POPIA is neither of the above, if you consider the short explanations in the below posts:

  1. Complying with POPIA is a big business worry only
  2. Ensuring compliance with POPIA is not an IT responsibility
  3. Debunking the one-size-fits-all approach to complying with POPIA
  4. POPI is not really about (unnecessary) red tape and a way for government to burden businesses

The Protection of Personal Information Act (POPI or POPIA), in the most simple terms, sets out ways in which businesses must deal with personal information that they hold and process. This includes personal details of their employees, as well as the personal details of their customers, clients and service providers; whether the customers and clients are individuals or other businesses/entities.


  • We help you identify your most important next steps, after looking at how you manage your business operations. After all, in many instances, businesses have promising systems in place that include governance of private information, and the wheel need not be re-invented.
  • We advise and assist you with the appointment of an Information Officer and Deputies, if required, and support this person to commence fulfilling his or her duties.
  • We define responsibilities and who need to do what.
  • We help create policies, procedures, standards and guidelines for what the organisation is going to do – and how.
  • We help you train your staff to understand what POPIA is about to make sure everyone is on the same page and participating, as required