+27 (0)21 551 2410
Facebook Twitter LinkedIn

POPI Implementation

 

The Protection of Personal Information (POPI) Bill was enacted into law in South Africa in November 2013 and sets conditions for how you may process Personal Information of, for example, your Clients, Suppliers and Employees. This includes:

  • What information you may process
  • Under what circumstances you may process it
  • For how long you may process it
  • How that information must be maintained
  • How that information must be secured
  • How and when you must dispose of Information.

POPI exists to protect Personal Information and is a concept that involves the various measures that a natural or legal person ("responsible party") must take when processing the Personal Information of another natural or legal person ("data subject").

Personal Information is best described as any information or set of information whereby a person can be uniquely identified (e.g. your ID number, or your name, race, gender and age).

The Processing of Personal Information can be best defined as to include any action inferred on the Personal Information (e.g. the collection, storage, retention, deletion or destruction of the Personal Information).

Approaching POPI is similar to implementing any other piece of legislation. It involves assessing the current situation, developing a strategy and implementing that strategy. InfoBluePrint are equipped to assist you in this approach.

How can InfoBluePrint Help?

 

InfoBluePrint has been preparing for this legislation for several years. With our existing expertise in Assessment, Strategy and Solution Implementation for both Data Quality Improvement and Data Governance requirements, it was an obvious extension of our services to assist with this specific legislative need. We provide the following individual or combined solutions in respect of POPI:

  • POPI Readiness Evaluation to review your current organisation and determine how well prepared or exposed you are in terms of compliance to the new act
  • Developing a POPI Strategy to define the approach and priorities for your organisation to comply with the legislation, building on your existing strengths and filling any gaps identified by the Readiness Assessment
  • POPI Implementation, to address the actions defined in the Strategy. InfoBluePrint can assist with the implementation of the various elements of the required POPI solution, such as:
    • Defining the Personal Information privacy policy
    • Establishing an Information Classification
    • Defining and implementing Data Quality requirements
    • Defining and Implementing Organisation Structures and roles and responsibilities