Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

The role of the Responsible Party

Residential Security Handbook 2021: SMART Estate Living Security Services & Risk Management

Stepping into the new year in the current socioeconomic climate is a challenge for organisations of any kind. There are a variety of new rules and regulations to follow. These rules and regulations are put into place to help protect businesses and individuals. In addition to complying with and managing COVID-19 regulations, organisations also need to ensure that they are complying with the regulations set out by the Protection of Personal Information Act (PoPIA).

To comply with the Act’s requirement that all businesses need to obtain consent for all data processed through the organisation, many businesses are assigning this work to so-called ‘Responsible Parties’. These parties are the accountable parties tasked with protecting personal and/or private data.

According to the Government Gazette, a Responsible Party refers to: A public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for processing personal information.

Conditions of compliance

PoPIA outlines that, for the processing of personal information to be lawful, certain conditions must be met, and the processes and procedures must comply with several regulations. These regulations include elements such as: accountability, processing limitation, purpose specification, further processing limitation, information quality, openness, security safeguards and data subject participation.

According to Carrie Peter, Solution Owner at Impression Signatures, “It is imperative that when organisations use or assign responsibilities to a Responsible Party, they ensure all regulations and specifications are complied with by this party. The Responsible Party is held accountable for ensuring that the conditions for lawful processing of personal data are met.”


Carrie Peter.

To support smaller businesses in ensuring compliance, Impression Signatures embarked on a PoPIA campaign that provides relevant information about the Act, free of charge. The campaign seeks to simplify and demystify the roles and responsibilities of the Act. With this approach, it hopes to support businesses that do not have large budgets available to employ compliance officers specifically for PoPIA purposes.

The Responsible Party works in conjunction with the operator and regulator. This collaboration ensures that all entities are working in cohesion to maintain and comply with the required regulations. The reason for the collection of the data set must be explicitly and clearly explained and outlined to the data subject, and must adhere to lawful processes.

“It is important to remember that this Act has been put into place to protect the rights of individuals and entities; to protect personal information. This means that, while an organisation and/or Responsible Party may have access and the required permission to use that data, the data primarily belongs to the data subject and is being ‘borrowed’ by the organisation. So, if the data subject requests access to or the deletion of this information, the organisation and/or Responsible Party must comply,” continues Peter.

Clear processes and procedures

To comply, the Responsible Party must keep a clear and definite record of processes and procedures. This record should be able to prove that the information was obtained with the consent and explicit knowledge of the data subject and that the data subject was informed of the intended use of the data. The Responsible Party must be able to prove that the data was used for its specified intent and that all legal and ethical regulations were adhered to.

The Responsible Party is not allowed to utilise this information outside of the parameters of its stipulated intent and may not disperse the information without explicitly stated consent from the data subject. The Responsible Party will need to ensure that effective safeguards are put into place to protect the information from being released and/or from being used outside of its consented intent. Proof and processes of these safeguards must be recorded in detail as evidence of compliance.

“There is a lot of weight placed onto the Responsible Party to ensure that all regulations are being adhered to. It is vital that those assigned with this role are aware and fully educated in the rules and regulations of this act,” concludes Peter. “To meet these standards, it is imperative that the Responsible Party not only follow the letter of the law, but that detailed records of these processes and procedures are kept and maintained.”




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

“This Is Theft!” SASA slams Mafoko Security
News & Events Security Services & Risk Management Associations
The Security Association of South Africa (SASA) has issued a stark warning that the long-running Mafoko Security Patrols scandal is no longer an isolated case of employer misconduct, but evidence of a systemic failure in South Africa’s regulatory and governance structures.

Read more...
Making a mesh for security
Information Security Security Services & Risk Management
Credential-based attacks have reached epidemic levels. For African CISOs in particular, the message is clear: identity is now the perimeter, and defences must reflect that reality with coherence and context.

Read more...
Privacy by design or by accident
Security Services & Risk Management Infrastructure
Africa’s data future depends on getting it right at the start. If privacy controls do not withstand real-world conditions, such as unstable power, fragile last-mile connectivity, shared devices, and decentralised branch environments, then privacy exists only on paper.

Read more...
From friction to trust
Information Security Security Services & Risk Management Financial (Industry)
Historically, fraud prevention has been viewed as a trade-off between robust security and a seamless customer journey, with security often prevailing. However, this can impair business functionality or complicate the customer journey with multiple logins and authentication steps.

Read more...
Security ready to move out of the basement
AI & Data Analytics Security Services & Risk Management
Panaseer believes that in 2026, a board member at a major corporation will lose their job amid rising breaches and legal scrutiny, as organisations recognise that cyber risk is a business risk that CISOs cannot shoulder alone.

Read more...
Cyber remains top business risk, but AI fastest riser at #2
News & Events Security Services & Risk Management
The Allianz Risk Barometer 2026 ranks cybersecurity, especially ransomware attacks, as the #1 risk, while AI is the biggest riser and jumps from #10 to #2, highlighting the emerging risks for companies in almost all industry sectors.

Read more...
OT calculator to align cyber investments with business goals
Industrial (Industry) Information Security Security Services & Risk Management
The OT Calculator has been developed specifically for industrial organisations to assess the potential costs of insufficient operational technology (OT) security. By offering detailed financial forecasts, the calculator empowers senior management to make well-informed decisions.

Read more...
From digital transformation to digital sovereignty
Security Services & Risk Management IoT & Automation
As cyberthreats grow, data regulations tighten, and AI becomes central to economic competitiveness, countries are recognising the need to control and protect their own digital assets.

Read more...
The age of Lean 4.0: Orchestrating intelligence and efficiency
Security Services & Risk Management
The convergence of Lean principles and AI (what we now call Lean 4.0) is no longer a theoretical exercise; it is the defining operational paradigm for survival and growth in a complex, data-intensive economy.

Read more...
Risks of open-source intelligence escalating in crime
Security Services & Risk Management Residential Estate (Industry) Smart Home Automation
CMS estimates that open-source intelligence has played a role in 20 - 30% of robberies over the past 12 months. In cybercrime, global research consistently shows that many offences rely on some form of open-source data exploitation.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.