PoPIA: Time Is up

Issue 3 2021 Security Services & Risk Management, Infrastructure

The countdown is on. The Protection of Personal Information Act (PoPIA) comes into full effect on 1 July 2021. With the deadline looming, there is a lot of confusion and ambiguity regarding its definitions, requirements and enforcement thereof.


Wale Arewa.

Failure to comply will result in steep fines for violators. Businesses have had ample time to prepare, but many are now scrambling to become compliant. They have realised that the impact is enormous, significant and unresolved personal data protection issues could result in financial penalties.

PoPIA regulates the usage and collection of personal data. Companies are required to handle all data carefully and provide customers with tools to update or delete personal information. They also need to alert consumers immediately if there is any form of breach.

PoPIA affects everyone, from financial institutions, data management companies, media companies, marketers and consumers. This means everyone should be aware of the Act and consequences for breaking the rules.

Penalties

Many businesses are unaware of the risks, but unfortunately ignorance of the law is no excuse. They will be liable should any breach occur. The penalties are severe, non-compliance could incur fines of up to R 10 million or even imprisonment.

Information officer

Every company needs to appoint an information officer that will be responsible for compliance. This person needs to be registered with the information regulator as a primary contact in case of any breach investigation. More importantly, the information officer will be responsible and face the consequences for any breaches.

Data protection

IT disposal has legislative requirements, compliance to PoPIA, the National Environmental Waste Management Act 2008 (NEMWA 2008), the Consumer Protection Act 68 of 2008 (CPA) and General Data Protection Regulations (GDPR).

Compliance affects employee, supplier and third-party data, as well as the systems that process it and how it is retained and destroyed. It includes the way personal information is stored, handled, processed, protected and who has access to it. Companies need to disclose what information is being gathered and how it will be stored. This could include staff records, ID numbers, drivers' licences, medical history or financial information.

Data disposal

With companies constantly acquiring new technologies, there is a corresponding and often overlooked increase in retired IT assets. These outdated PCs, laptops, monitors and other IT equipment tend to quietly pile up in storerooms.

According to legislation, businesses are required to manage the complete destruction of all data when IT assets reach end-of-life. PoPIA requires IT asset managers to practice due diligence and ensure their storerooms go through the expected data erasure techniques essential to protect company data.

Compliance is fast becoming a competitive advantage. Customers don’t want to be put at risk, data breaches and issues related to regulatory compliance, associated costs and loss of reputation will have dire consequences for businesses that suffer data breaches.

Find out more at www.xperien.com




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Identity recovery matters most
Security Services & Risk Management
As cyberattacks grow more targeted, more destructive, and increasingly aimed at the very fabric of trust within the enterprise, the ability to restore identities has become just as critical as restoring data.

Read more...
ISO 27701 helps demonstrate privacy compliance beyond POPIA
Security Services & Risk Management
ISO 27701 include privacy-specific controls and provides a structured way to manage Personally Identifiable Information (PII) throughout its lifecycle, giving organisations a way to demonstrate how privacy is managed.

Read more...
Echoes of 2018? Follow-up on Woolworths explosions
Technews Publishing News & Events Security Services & Risk Management Retail (Industry) Facilities & Building Management
SMART Security Solutions follows up with Jimmy Roodt to find out more about an old connection to the Woolworths bombings from 2018. The investigation remains ongoing.

Read more...
Increase in cyberattacks on the manufacturing sector
Security Services & Risk Management News & Events Industrial (Industry)
According to a new Kaspersky ICS CERT report, in the first quarter of 2026, the percentage of industrial control systems (ICS) on which malicious objects were blocked reached 19,6% globally.

Read more...
Next-generation cash-in-transit vehicle
News & Events Security Services & Risk Management
Fidelity Services Group has unveiled a new, purpose-engineered Cash-in-Transit (CIT) vehicle designed to redefine crew protection, deter threats, and enhance operational resilience in an increasingly complex criminal environment.

Read more...
The risk at the edge of South Africa’s agriculture supply chain
Security Services & Risk Management Agriculture (Industry) Logistics (Industry)
Research from ESET has found that a significant number of South African agritech operators and farmers continue to believe their companies are not attractive targets for cybercriminals. Unfortunately, that belief is precisely what makes them one.

Read more...
AURA partners with Discovery to launch Discovery 911
News & Events Security Services & Risk Management
AURA has announced a partnership with Discovery Insure to power the security-response component of its new Discovery 911 virtual panic-button offering, which is available through the Discovery Insure app.

Read more...
Break the silence on fraud
Security Services & Risk Management
We are entering a new era of fraud, one defined by groups that operate across borders, using advanced digital tools and impersonation tactics to deceive victims and wear down communities' trust and financial security.

Read more...
Africa’s white-collar crime landscape
Security Services & Risk Management
White-collar crime in Africa is no longer a predominantly domestic concern; it has expanded onto the international stage, and so too has the corporate exposure that accompanies it.

Read more...
From drone market growth to application-level commercialisation
IoT & Automation Infrastructure
After years of pilot projects and technology validation, the question for the market is shifting from whether drones can fly safely and collect data, to where they can deliver repeatable operational value at scale.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.