POPI Act Compliance - POPI Solutions

POPI Act Compliance – why should I comply with the Act?

Many organisations are wondering about POPI Act compliance, what it is and what they should be doing about it?

With the full commencement of the POPI Act (POPIA) having been announced by President Cyril Ramaphosa on 22 June 2020 and with the enforcement date having taken place on 1 July 2021, organisations need to comply with POPIA. Organisations which are found to be non-compliant could suffer significant penalties in the form of fines or a prison sentence for the head of the organisation.

We believe that apart from the legal obligation, there are good reasons for complying with the Act. These include:

Protecting the personal information of customers, staff and other stakeholders will build their trust in your organisation;
It will enable you to develop competitive advantage over your competitors who don’t demonstrate their commitment to protecting personal information/data;
It will enable your organisation to demonstrate good governance and leadership;
Related areas such as Risk Management, Information Security, Records Management, Information Management and Service Provider Contract Management will improve;
It will help bring your organisation into line with international data protection laws;
It will be less expensive to prepare for compliance than it will be to pay penalties and to experience reputational damage.

To summarise, we like to see the reasons as a stick and a carrot!

So where are the “stick and carrot” for POPI Act compliance?

Think about how broad the definition of “personal information” can be: customers, employees, suppliers, in fact anyone we interact with as an organisation has personal information. Get it wrong in terms of POPI Act compliance and potentially stiff penalties could be heading your way, with fines of up to R10 million and potential time behind bars, as well as reputational damage and potential loss of income as a result. That’s the “stick” part of the story.

Get it right in processing personal information in accordance with the POPI Act and you can enhance your reputation with all your stakeholders. The “carrot” aspect also recognises the opportunity to boost confidence in your business by demonstrating the way you provide leadership and good governance in the way you process personal information. Get really creative and you will discover the POPI Act can help you to create new products and services, address new markets and keep ahead of your competitors while delighting your stakeholders.

What is the POPI Act?

The POPI Act has 8 conditions and a number of other areas, key points about the 8 conditions are shown below.

Accountability = assigning ownership in your organisation;
Processing Limitation = processing information for lawful reasons and in a manner that does not infringe privacy;
Purpose Specification =only obtaining and holding personal information for a specific purpose;
Further Processing Limitation = Further processing of personal information must be compatible with the purpose for which it was collected;
Information Quality = ensuring that information is complete and accurate;
Openness = informing individuals that their information has been obtained and the purpose thereof;
Security safeguards = the integrity of personal information must be secured using appropriate, reasonable, technical and organisational measures;
Data Subject Participation = a data subject has the right to request access to their personal information that you hold; to request the information is deleted or corrected if appropriate.

So where should you start?

Free IACT-Africa 20 Question POPI Act Compliance Health Check

The easiest and quickest place to start is to try our 20 Question POPI Act Compliance Health Check. Click here to access the health check.

IACT-Africa POPI Act Implementation Services

Embarking on a POPI Act implementation project can be daunting for many organisations as it is not a simple law with which to comply. If it is approached in a structured manner, however, it can be less daunting and far easier to tackle.

We make it easy for organisations carry out their POPI Act compliance preparation initiatives through our methodology as well as our set of tools, services and in-depth experience.

Please visit our POPI Act implementation and support page for more information or please contact us to discuss your requirements.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.