Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

When is consent required to process your information?

Issue 3 2021 Editor's Choice

By Michelle Dickens, CEO of TPN.

The majority of organisations are not yet compliant with the Protection of Personal Information Act (PoPIA) which becomes effective on 1 July this year. According to a survey conducted by TPN Credit Bureau on how ready companies are for PoPIA, only 27.4% are process ready and 40.3% are ready from a governance perspective. Technological readiness scored the highest at 57%, which is still a far cry from compliant. Of the 200 companies we surveyed, only 8% scored above 80% for their PoPIA readiness.

Although organisations are expected to be fully compliant with the PoPIA by 1 July with all the necessary systems and processes in place, industry bodies were required to have submitted a code of conduct to the Information Regulator by 1 March 2021 according to Regulation 5 of the PoPI Act. It is highly recommended that those organisations that have not yet started the process of becoming compliant with the PoPIA do so as soon as possible as compliance is a time-consuming process.

The Credit Bureau Association, for example, has submitted its code of conduct to the Information Regulator, who has subsequently opened the code up for public comment. In South Africa, credit bureaux are subject to the restrictions of the National Credit Act which governs the processing of consumer credit information. However, credit bureaux can’t process credit profile information unless they have pre-approval from the Information Regulator.

Another deadline which is looming relates to Regulation 4 of the PoPIA which requires that organisations have appointed an information officer by 1 May. An information officer is responsible for, amongst other things, encouraging compliance with the PoPIA; developing and implementing a compliance framework; and ensuring that a personal information impact assessment is done to ensure that adequate measures and standards exist.

The aim of the PoPIA is to protect personal information and prevent information from being exposed to unauthorised individuals or entities. As such it requires that a set of streamlined processes and systems are established that easily identify where personal information is stored, how that information is processed physically and electronically, who has access to it as well as for what purpose it is required. Not surprisingly, becoming PoPIA-compliant takes time and needs to be an ongoing process.

A failure to be compliant has consequences as organisations could face fines or other penalties depending on the nature of the offence.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

What is your ‘real’ security posture?
BlueVision Editor's Choice Information Security Infrastructure AI & Data Analytics
Many businesses operate under the illusion that their security controls, policies, and incident response plans will hold firm when tested by cybercriminals, but does this mean you are really safe?

Read more...
What is your ‘real’ security posture? (Part 2)
BlueVision Editor's Choice Information Security Infrastructure
In the second part of this series of articles from BlueVision, we explore the human element: social engineering and insider threats and how red teaming can expose and remedy them.

Read more...
IQ and AI
Leaderware Editor's Choice Surveillance AI & Data Analytics
Following his presentation at the Estate Security Conference in October, Craig Donald delves into the challenge of balancing human operator ‘IQ’ and AI system detection within CCTV control rooms.

Read more...
Onsite AI avoids cloud challenges
SMART Security Solutions Technews Publishing Editor's Choice Infrastructure AI & Data Analytics
Most AI programs today depend on constant cloud connections, which can be a liability for companies operating in secure or high-risk environments. That reliance exposes sensitive data to external networks, but also creates a single point of failure if connectivity drops.

Read more...
Toxic combinations
Editor's Choice
According to Panaseer’s latest research, 70% of major breaches are caused by toxic combinations: overlapping risks that compound and amplify each other, forming a critical vulnerability to be exploited.

Read more...
Continuum launches centralised access and identity management
Editor's Choice Access Control & Identity Management Integrated Solutions Facilities & Building Management
Continuum Identity is a newly launched company in the identity management and access control sector, targeting the complexity of managing various Access and Identity Management (AIM) systems.

Read more...
Making drone security more accessible
Editor's Choice Integrated Solutions Residential Estate (Industry) AI & Data Analytics IoT & Automation
Michael Lever discusses advances in drone technology, focusing on cost reductions and the implementation of automated services, including beyond line of sight capabilities, for residential estates with SMART Security Solutions.

Read more...
Private fire services becoming the norm?
Technews Publishing SMART Security Solutions Editor's Choice
As the infrastructure and service delivery in many of South Africa’s major cities decline, with a few, limited exceptions, more of the work that should be done by the state has fallen to private companies.

Read more...
View from the trenches
Technews Publishing SMART Security Solutions Editor's Choice Integrated Solutions Security Services & Risk Management Residential Estate (Industry)
There are many great options available to estates for effectively managing their security and operations, but those in the trenches are often limited by body corporate/HOA budget restrictions and misunderstandings.

Read more...
SMART Estate Security Conference KZN 2025
Arteco Global Africa OneSpace Technologies SMART Security Solutions Technews Publishing Editor's Choice Integrated Solutions Security Services & Risk Management Residential Estate (Industry)
May 2025 saw the SMART Security Solutions team heading off to Durban for our annual Estate Security Conference, once again hosted at the Mount Edgecombe Country Club.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.