The Protection of Personal Information Act, 2013 (POPI) which will become operational from July 2021.
Many businesses and organisations are often heard complaining that POPI is ”just red tape” and something their “IT” can address “later”. As our series of notices, this month showed, such assumptions are flawed. (See, for example, POPI is just more red tape? No! It is a chance to gain trust, One-size-fits-all strategies: a POPIA misfit, Your IT Manager will ease POPIA compliance for you and Compliance with POPIA is a worry for big businesses only.)
POPI’s attraction lies therein that:
- it gives businesses the opportunity to earn the trust of their clients and consumers by reassuring them that the personal information that the business or organisation receives, is being dealt with in terms of the law, with the sole motivation to ensure their privacy is protected and in as far as it is reasonably expected of your business to do so;
- it is good for your business management. It requires you to audit your own office procedures, paperwork and client interface dealings. The purpose of the audit is to make sure that when personal information is collected, stored and used, this is done within the confines of POPI. It is very likely also to automatically update, streamline and simplify your organisation or business’ way of performing tasks; and
- it will instil a culture of data security and data protection, making the protection of personal information within your business or organisation, your “usual way” of going about your tasks. Change in processes is sometimes difficult to achieve when staff insist on doing things the way they have always done, but the risk of a data breach and the resultant flood of negative media that usually follow should inspire the management teams of businesses and organisations to action.
We offer guidance and assistance to our clients to lead their organisations and businesses to comply with POPIA. Do not hesitate to contact us on email@example.com, for a consultation or discussion.