PoPIA: Time Is up

Issue 3 2021 Security Services & Risk Management, Infrastructure

The countdown is on. The Protection of Personal Information Act (PoPIA) comes into full effect on 1 July 2021. With the deadline looming, there is a lot of confusion and ambiguity regarding its definitions, requirements and enforcement thereof.


Wale Arewa.

Failure to comply will result in steep fines for violators. Businesses have had ample time to prepare, but many are now scrambling to become compliant. They have realised that the impact is enormous, significant and unresolved personal data protection issues could result in financial penalties.

PoPIA regulates the usage and collection of personal data. Companies are required to handle all data carefully and provide customers with tools to update or delete personal information. They also need to alert consumers immediately if there is any form of breach.

PoPIA affects everyone, from financial institutions, data management companies, media companies, marketers and consumers. This means everyone should be aware of the Act and consequences for breaking the rules.

Penalties

Many businesses are unaware of the risks, but unfortunately ignorance of the law is no excuse. They will be liable should any breach occur. The penalties are severe, non-compliance could incur fines of up to R 10 million or even imprisonment.

Information officer

Every company needs to appoint an information officer that will be responsible for compliance. This person needs to be registered with the information regulator as a primary contact in case of any breach investigation. More importantly, the information officer will be responsible and face the consequences for any breaches.

Data protection

IT disposal has legislative requirements, compliance to PoPIA, the National Environmental Waste Management Act 2008 (NEMWA 2008), the Consumer Protection Act 68 of 2008 (CPA) and General Data Protection Regulations (GDPR).

Compliance affects employee, supplier and third-party data, as well as the systems that process it and how it is retained and destroyed. It includes the way personal information is stored, handled, processed, protected and who has access to it. Companies need to disclose what information is being gathered and how it will be stored. This could include staff records, ID numbers, drivers' licences, medical history or financial information.

Data disposal

With companies constantly acquiring new technologies, there is a corresponding and often overlooked increase in retired IT assets. These outdated PCs, laptops, monitors and other IT equipment tend to quietly pile up in storerooms.

According to legislation, businesses are required to manage the complete destruction of all data when IT assets reach end-of-life. PoPIA requires IT asset managers to practice due diligence and ensure their storerooms go through the expected data erasure techniques essential to protect company data.

Compliance is fast becoming a competitive advantage. Customers don’t want to be put at risk, data breaches and issues related to regulatory compliance, associated costs and loss of reputation will have dire consequences for businesses that suffer data breaches.

Find out more at www.xperien.com




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

SAFPS issues SAPS impersonation scam warning
News & Events Security Services & Risk Management
The Southern African Fraud Prevention Service (SAFPS) is warning the public against a scam in which scammers pose as members of the South African Police Service (SAPS) and trick and intimidate individuals into handing over personal and financial information.

Read more...
A passport to offline backups
SMART Security Solutions Technews Publishing Editor's Choice Infrastructure Smart Home Automation
SMART Security Solutions tested a 6 TB WD My Passport and found it is much more than simply another portable hard drive when considering the free security software the company includes with the device.

Read more...
Rewriting the rules of reputation
Technews Publishing Editor's Choice Security Services & Risk Management
Public Relations is more crucial than ever in the generative AI and LLMs age. AI-driven search engines no longer just scan social media or reviews, they prioritise authoritative, editorial content.

Read more...
How can South African organisations fast-track their AI initiatives?
AI & Data Analytics Security Services & Risk Management
While the AI market in South Africa is anticipated to grow by nearly 30% annually over the next five years, tapping into the promise and potential of AI is not easy.

Read more...
Efficient, future-proof estate security and management
Technews Publishing ElementC Solutions Duxbury Networking Fang Fences & Guards Secutel Technologies OneSpace Technologies DeepAlert SMART Security Solutions Editor's Choice Information Security Security Services & Risk Management Residential Estate (Industry) AI & Data Analytics IoT & Automation
In February this year, SMART Security Solutions travelled to Cape Town to experience the unbelievable experience of a city where potholes are fixed, and traffic lights work; and to host the Cape Town SMART Estate Security Conference 2025.

Read more...
Stallion repositions itself as a services provider
News & Events Security Services & Risk Management
Stallion has rebranded as Stallion Integrated Solutions to reflect its expanded capabilities beyond traditional security services to delivering integrated solutions that enhance safety, asset management, and operational efficiency.

Read more...
Seven tips to help ensure your backup batteries work
Power Management Security Services & Risk Management
Load shedding is back, officially or not. Lance Dickerson offers seven tips to prolong the life of your power backup systems and ensure they perform as intended when needed.

Read more...
Cybersecurity best practice
Information Security Security Services & Risk Management
Breach and attack simulation has become an essential element of cybersecurity strategies in any modern business by allowing companies to actively detect and resolve vulnerabilities through real-world attack simulations.

Read more...
Historic Collaboration cuts ATM Bombings by 30%
Online Intelligence Editor's Choice News & Events Security Services & Risk Management
Project Big-Bang, a collaborative industry-wide task team, has successfully reduced ATM bombings in South Africa by 30,7% during the predetermined measurement period of November, December and January 2024/5.

Read more...
Keeping safety central to enterprise risk management
Zulu Consulting Security Services & Risk Management
[Sponsored] As employee safety becomes an ever-more critical aspect of corporate risk management, Risk-IO assists risk managers in ensuring a safe working environment, whether in an industrial setting, an office, or anywhere.

Read more...