010 500 1555

What is the PoPI Act?

In simple terms, the purpose of the PoPI Act is to ensure that all South African institutions conduct themselves in a responsible manner when collecting, processing, storing, sending and sharing another entity’s personal information by holding them accountable should they abuse or compromise your personal information in any way.

This right to protection of “personal information” is not just applicable to a natural person (i.e. an individual) but any legal entity, including companies and also communities or other legally recognised organisations. All of these entities are considered to be “data subjects” and are afforded the same right to protection of their information. As a company this would include protecting information about your clients, employees, suppliers, vendors, service providers, business partners, etc.

How do you protect information?

The safety and management of information relies on your organisations IT system. This is usually where a company takes the biggest risks.

We, South Africans, are now required by law to secure our IT networks from any unwanted attacks and prevent unauthorised access to our computers, network and data.

What do you need to do?

Incorporating PoPIA into the day-to-day operations of a business will require a significant amount of time and effort, including: educating and training staff, updating business processes, an implementing or updating security technology solutions.

To meet these obligations, you must take the following actions:

  1. Perform a risk assessment.
  2. Implement and maintain safeguards against the risks identified.
  3. Regularly verify the effectiveness of the safeguards.
  4. Ensure the safeguards are frequently updated to prevent new deficiencies or risks.

This may appear to be a large undertaking. A risk assessment, however, is a great opportunity for you to identify your company’s (and industry’s) security strengths and weaknesses and how they affect your bottom line. You’ll know where you need to make improvements and you’ll be confident that you can cope with the IT Security threats your business may face. 

IT Security Risk Assesments

Know where your vulnerabilities are and dramatically reduce your risk