Keeping MICE safe and compliant in a new environment

Issue 3 2021 Commercial (Industry), Infrastructure

The meetings, incentives, conferences and exhibitions (MICE) sector has been challenged with massive change over the past year: not only has the Covid-19 pandemic forced most meetings and events online for safety, but now the deadline for compliance with the Protection of Personal Information Act (PoPIA) raises questions about data protection within this new virtual environment.


Edison Mazibuko.

With PoPIA taking effect 1 July 2021, the organisers of virtual meetings and events have to be cognisant of these changes, which will have an impact similar to that experienced by the MICE sector elsewhere in the world when complying with protection of personal information regulations.

Addressing both situations at once can seem like a balancing act, but fortunately PoPIA, like other privacy legislation such as GDPR, is quite clear about the steps to be taken to remain compliant. To strive for compliance, key areas for focus in the MICE sector should include:

Appoint a data protection officer. This team member will serve as the bridge between business, IT and other stakeholders and be made accountable for compliance. Collaboration between business units is the key to success.

Review your technology vendors. As processors of the personal information gathered or stored by a MICE company, technology vendors should be properly certified and compliant, should encrypt all data and hold the necessary ISO certification.

Strengthen your organisation’s cybersecurity posture. A key measure to protect sensitive information is to ensure the systems and data are properly protected from theft, accidental exposure, or hardware and software damage.

Check your policies and procedures. With the deadline for PoPIA compliance upon us, all organisations should already have their policies and procedures in place. However, compliance is not a destination but a journey. To strive for compliance, organisations should maintain a robust information security programme, regularly test vulnerabilities and run ongoing staff training and awareness programmes. To ensure that only authorised staff and stakeholders access personal information, implement a Privileged Access Management (PAM) solution.

Review all documentation. All event registration forms and sponsor/exhibitor booking forms and all the processes for capturing and storing them should be reviewed to ensure they are PoPIA compliant.

Review your third-parties. Third-party suppliers and service providers who have access to event data must similarly be compliant with the act. MICE organisations need to verify that every company they work with currently and in future is PoPIA compliant.

Know your data. Whether a company is staging virtual or real-life events, their mailing lists, contact databases, supplier and sponsor directories and staff files must be properly secured, processed and managed only within the parameters of the act. Going forward, specific permission must be sought to gather personal information and the reasons it is being gathered must be specified. For most MICE companies, contact lists are re-used time and again for various events. Going forward, clear permission will have to be sought to retain contacts’ information and approach them for relevant events in future. Organisers must also make it easy for people to withdraw consent to use their information.

Some rules of thumb include collecting only the data you need. Periodically review the data, deleting anything you don’t need.

Consider how to approach the sales leads issue. A major reason many organisations sponsor events is to secure qualified sales leads. PoPIA compliance could impact this benefit. When registering attendees for an event, organisers will now have to give them the option to grant or deny permission for sponsors to contact them. However, the challenge of delivering value to sponsors could be overcome by changing the event model and ensuring that sponsors have greater opportunities to pitch their products during the event itself, for example.

Secure your virtual platforms. Online events early in the Covid-19 pandemic exposed a number of potential personal information risks, including the ability for outsiders to access private meetings and malicious players to scrape a wealth of personal information about participants. Virtual events should be staged only on reputable platforms, in which events can be locked to the general public and all participants accept that the event is being recorded. Event organisers should also ensure that their video conferencing equipment, software and connections are secure and patched. Protect the administrative accounts with appropriate passwords or a PAM solution.

The measures to be taken may seem onerous at first, but once the right tools, policies and procedures are in place, data protection practices can be instilled into the company culture and become second nature for safe and secure events.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Five tech trends shaping business in 2025
Information Security Infrastructure
From runaway IT costs to the urgent need for comprehensive AI strategies that drive sustainable business impact, executives must be prepared to navigate a complex and evolving technology environment to extract maximum value from their investments.

Read more...
Threats, opportunities and the need for post-quantum cryptography
AI & Data Analytics Infrastructure
The opportunities offered by quantum computing are equalled by the threats this advanced computer science introduces. The evolution of quantum computing jeopardises the security of any data available in the digital space.

Read more...
Navigating today’s cloud security challenges
Information Security Infrastructure
While the cloud certainly enables enterprises to quickly adapt to today’s evolving demands, it also introduces unique challenges that security teams must recognise and manage. Vincent Hwang offers insights from the 2025 State of Cloud Security Report.

Read more...
Smart access for a safer community
neaMetrics Suprema Access Control & Identity Management Residential Estate (Industry) Products & Solutions Commercial (Industry)
Suprema has released its BioEntry W3 facial authentication access control device with multiple authentication options, including RFID cards as well as mobile credentials, designed for durability and resilience.

Read more...
The rise of autonomous data recovery
Information Security Infrastructure
Escalating cyberthreats and attacks constantly put businesses under pressure, increasingly prompting organisations to shift their mindsets towards ensuring continuous operations and thus avoiding downtime and revenue loss.

Read more...
Can we really fight AI cybersecurity threats with more AI?
Information Security Infrastructure
In a world where artificial intelligence (AI) is increasingly being weaponised by cybercriminals, the question of whether we can effectively combat AI threats with more AI is not just a technical inquiry but a pressing global concern

Read more...
Partnership delivers 40% storage savings for surveillance
Surveillance Infrastructure
Large-scale video surveillance users and applications demanding extended storage periods will benefit from up to 40% savings on video storage hardware stacks thanks to a new partnership between IDIS and Secure Logiq.

Read more...
Threats, opportunities and the need for post-quantum cryptography
AI & Data Analytics Infrastructure
The opportunities offered by quantum computing are equalled by the threats this advanced computer science introduces. The evolution of quantum computing jeopardises the security of any data available in the digital space.

Read more...
Axis introduces ACS Edge and cloud storage
Axis Communications SA Surveillance Infrastructure Products & Solutions
Axis Communications has launched two new solutions within the AXIS Camera Station ecosystem, AXIS Camera Station Edge (ACS Edge) and AXIS Camera Station Cloud Storage (ACS Cloud Storage).

Read more...
Fire safety in commercial kitchens
Technews Publishing Kestrel Distribution Products & Solutions Fire & Safety Commercial (Industry)
Fire safety in commercial kitchens is becoming increasingly critical. Defender is Europe’s first EN 17446:2021-approved kitchen hood fire suppression system and offers the indispensable safety measures required.

Read more...