POPI is here. Are you ready?

Have you trained your staff on POPI and Cyber Security Awareness?

POPI compliance products and services

WHAT IS POPI AND HOW YOU NEED TO ACT

POPI refers to South Africa’s Protection of Personal Information Act, which seeks to regulate the Processing of Personal Information. Personal Information broadly means any information relating to an identifiable, living natural person or juristic person (companies, CCs etc.) and includes, but is not limited to:

Contact details: email, telephone, address etc.

Biometric information: blood type etc.

Demographic information: age, sex, race, birth date, ethnicity etc.

Opinions of and about the person

History: employment, financial, educational, criminal, medical history

Private correspondence

Processing means broadly anything that can be done with the Personal Information, including collection, usage, storage, dissemination, modification or destruction (whether such processing is automated or not). Some of the obligations under POPI are to:

Only collect information that you need for a specific purpose

Only hold as much as you need, and only for as long as you need it

Apply reasonable security measures to protect it

Ensure it is relevant and up to date

Allow the subject of the information to see it upon request

WHY SHOULD I COMPLY WITH POPI?

POPI promotes transparency with regard to what information is collected and how it is to be processed. This openness is likely to increase customer confidence in the organisation.

POPI compliance involves capturing the minimum required data, ensuring accuracy, and removing data that is no longer required. These measures are likely to improve the overall reliability of the organisation's databases. Compliance demands identifying Personal Information and taking reasonable measures to protect the data. This will likely reduce the risk of data breaches and the associated public relations and legal ramifications for the organisation.

Non-compliance with the Act could expose the Responsible Party to a penalty of a fine and / or imprisonment of up to 12 months. In certain cases the penalty for non-compliance could be a fine and / or imprisonment of up to 10 years.
