Do you comply with the POPI Act?

The POPI Act (or POPIA) was released to protect personal information about leads, prospects, customers, employees, suppliers and even rivals.

What is Personal Information?

Personal information includes:

  • a) information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
  • b) information relating to the education or the medical, financial, criminal or employment history of the person;
  • c) any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
  • d) the biometric information of the person;
  • e) the personal opinions, views or preferences of the person;
  • f) correspondence sent by the person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence;
  • g) the views or opinions of another individual about the person; and
  • h) the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.

This list, from (a) through (h), shows examples of what personal information can include. But the moment any information can be related to an identifiable person, it is “personal” information.

What is your responsibility?

The responsible party (that is you) must ensure that the conditions set out in the POPI Act, and all the measures that give effect to such conditions, are complied with at the time of the determination of the purpose and means of the processing and during the processing itself.

In short, you need at minimum the following:

  1. A POPIA Manual (Internal).
  2. Appointment of an Information Officer.
  3. Website Privacy Statement.
  4. Terms and Conditions, covering at least how you will protect personal information and what you will do with the personal information. This includes a Cookie Policy and should be loaded on your website.

This is by no means a comprehensive list, but it is the minimum required for your website. We have some templates and guides available should you wish to make use of them.

What technology is needed to protect personal information?

At minimum you need:

  1. Backup Tools/Apps, covering your email, computers, website, and backups relating to any other technology used in your company.
  2. Encryption Tools/Apps, covering the encryption of your email, website, and all computing equipment used in your company.
  3. Password Management Tools/Apps, covering how you will protect all passwords and the permission structure of any email, hard drives, computers, servers, and printers.
  4. Virtual Private Network Tools/Apps, protecting you and your data from unauthorized access.
  5. Antivirus Tools/Apps, to protect you and your data (including personal information collected) from potential hackers.

Most of these tools or applications are readily available; some are free and some are not. We can assist you in the selection of cost-effective apps and in their setup and installation.
