Need Support? +264 81 291 3679 | support@instacom.com.na

What is POPI Compliance and why every business needs to understand it?

 Shephard Dube   2020-10-05  Comments General
Popi Act Compliance

The Protection of Personal Information Act 4 of 2014 (POPI or POPIA) is a data privacy law in South Africa that governs when and how businesses use, keep, delete, and gather personal information. The act is the counterpart of the GDPR in the European Union.


The POPI ACT's long and short of it is that it exists to protect personal data. The need for the law's enactment came as a result of organisations' increasing proclivity to exploit sensitive private and personal data. We've all heard of data breaches, the most well-known of which were the Facebook – Cambridge Analytical data scandal and, more recently, the Experian data breach in South Africa.


Data collection and utilisation is quickly becoming the foundation of organisational activities, and thus its management is gaining importance as time passes. It is estimated that the Experian data leak alone affected 24 million South Africans and around 800,000 enterprises.


It, therefore, comes as no surprise that lawmakers conjured up the Protection of Personal Information Act.

 

The POPI Act was first enacted in 2013 with some reasons in mind:

 

  • Promote the protection of personal information processed by public and private bodies;
    Establish  minimum requirements for the processing of information;
  • Provide for the establishment of an information regulator to exercise certain powers and to perform certain duties and functions in terms of this Act and the Promotion of Access to Information Act, 2000;
  • Provide for the issuing of codes of conduct;
  • Provide for the rights of persons regarding unsolicited electronic communications and automated decision making;
  • Regulate the flow of personal information across the borders of the Republic; and
  • Provide for matters connected therewith. 

Failure to comply with the POPI Act might result in legal consequences. A non-compliant corporation may face one of two harsh penalties: a R10 million fine or the imprisonment of officers responsible for compliance for up to ten years.


So, how can you and your company avoid these heinous scenarios while also complying with the POPI Act? To begin with, the Act does not apply to all organisations in South Africa. It only applies to companies that engage with third-party personal information, whether corporations or individuals. However, if Instacom is your technology partner, you won't have to worry because we are fully POPI compliant.

 

Who should comply with the POPI Act?

 

The POPI Act applies to organizations processing private or personal information of South African citizens. It does not matter if the organisation is South African or not, furthermore for the purposes of the Act, “a South African citizen includes humans and juristic persons”. Is your business collecting, using or handling personal or private data in South Africa? If so, then it will have to be POPI compliant.

 

What is POPI Compliance?

 

This question has become increasingly popular among business owners in recent years, causing worry among entrepreneurs and business owners.

 

Compliance with the POPI act is not a huge concern; rather, as a business owner, the key issue will be establishing methods to secure private or personal data. Compliance with the POPI Act entails putting in place safeguards to ensure that an organisation collects, deletes, uses, handles, and stores data in the permissible manner.

 

Your firm must implement safeguards to protect private or personal data from unlawful access and loss. It may appear straightforward, but the organisation in issue will need to design a plan that is best suited to its operations.

 

Because different organisations will practise compliance in different ways, the measures used by your organisation will also change.


What benefits does the POPI provide for your business?


Data is one of the most valuable properties for most businesses. Without data, many businesses could be doomed. The POPI Act provides businesses with a great opportunity to have data at their disposal coupled with specified rules on how to manage the process of data usage.


This opportunity presents many companies with a chance to understand their customer behaviour and other customer metrics. Businesses can process data into valuable information to ensure better sales performance.


Conclusion


The POPI Act is a forward-thinking solution to personal and enterprise data privacy. The Act is much similar to the European Union General Data Protection Regulation. However, It seems like the POPI is one step ahead since it regulates corporate personal information whilst the GDPR doesn’t. 
Over and above everything, you need to comply with the POPI Act. Compliance will help you avoid unnecessary fines or imprisonment.

Article done by an external writer, Shephard Dube, from Rateweb.

Filter

Search

Show

20
20
32
64
100
200

Sort

Age: New to Old
Age: New to Old
Age: Old to New
Title

Categories

Select All
General
Instacom Cares
Press Release

Authors

Select All
Admin
dmi
Instacom CSI
Instacom
Jonckie
Insurance Chat
Arive Alive
Roland Van Der Walt
Shephard Dube
Search  

Comments

Be the first to write a comment.

Leave a Comment

Replying to...
Name / Nickname *
Email *
Comment *
Submit Comment
Using this site means you accept its terms | Copyright © 2024 Instacom Instant Communication Solutions, Namibia
Powered by Webpro | Created by IT Design
Top
Who doesn't like cookies?
This website uses cookies to ensure you get the best experience. Read more...