POPIA: Plain and Simple

So much of our lives has become digital, from shopping and banking to watching movies and, more importantly … working, that there’s a heap of our personal information stacking up in cyberspace every day.

The fast-growing digital economy and the escalation of personal data creation has jump-started governments worldwide to introduce data privacy regulations. This, in an effort to keep people safe by protecting their personal information.

The main purpose of South Africa’s Protection of Personal Information Act (POPIA) is to uphold a basic human right, that of protecting people’s privacy while helping to stop their money or identity from being stolen.

What does POPIA mean for business?

To be compliant with the relevant privacy law, businesses are having to adjust, or entirely change, their systems to ensure the personal information they collect, process, keep or share is protected against loss and misuse.

For many businesses this will mean:

  1. Documenting how personal information is processed as it moves through the business
  2. Restructuring how they handle information
    Understanding how POPIA will impact their email and direct marketing strategies
  3. Implementing digital cyber security to protect their data
  4. Installing a business continuity solution
  5. Using compliance software to manage, and keep track of, their compliance status

Like other data privacy regulations around the world, such as Europe’s General Data Protection Regulation (GDPR), POPIA stipulates certain conditions for the processing of personal data. These are:

  1. Personal information must be accurate and relevant and processed in line with the Act.
  2. A person must have given informed and specific consent for the information to be processed.
  3. The information can then only be collected for that specific purpose.
  4. The information can’t be used for another purpose unless consent is given for that.
  5. The information needs to be complete, accurate, not misleading and updated when necessary.
  6. Safeguards must be put in place to protect the information’s integrity and security.
  7. The data subject must be able to request the information and have it deleted or changed if they choose.
  8. The information must be protected against the loss, unlawful access, interference, modification, unauthorised destruction and breach.

POPIA compliance may seem a daunting task, but there’s comprehensive compliance software out there to help you achieve and manage your ongoing compliance. Good software will include tools to:

  1. Demonstrate compliance
  2. Manage compliance tasks, including:
    1. data mapping
    2. data protection impact assessments (DPIA)
    3. operator agreements
    4. data sharing
    5. subject access requests
    6. governance
  3. Collaborate with colleagues

The POPIA Act has a one-year grace period, which means that it’s only by 1 July 2021 that businesses need to be showing their compliance with it.

If you need help with your data mapping or any aspect of compliance, chat with us.

Talk to us about POPIA

Step 1 of 2

  • Sign up for your
    Free Trial

    Please complete the form to sign up for your free trial. For all our other products, please contact us for a consultation.

  • I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

The reseller zone is currently out getting a facelift as we look to integrate it with our backup platform, as it stands you can overview your clients on our new backup console. If you don't know what console that is, please reach out to us.

  • Hidden
  • I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

  • I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

  • I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

We are taking all necessary precautions around the COVID-19 situation. Our offices are closed and our team members have each been set up to work remotely in self-isolation at home. As far as possible IronTree will maintain business as usual. All our resources such as server platforms, transactional capacity, telephony and electronic communications, including video meeting facilities, have been configured in the cloud and are 100% operational. Please feel free to contact us if you require our assistance. Stay safe!
One of our team members will be happy to help answer any questions you have!
Just click the chat icon in the right-hand corner.