POPI Act Compliance
Failure to comply with the requirements of the POPI Act could have dire consequences. Although one cannot and shouldn’t shy away from the legal aspects of the Act, POPIA should be seen as an opportunity to identify, clean up and manage information better, and in doing so, improve business processes.
Steps to take Immediately
- Data collection (type of data, purpose, consent, legal aspects, minimality, and transparency)
- Data access and accuracy (correct, complete, reliable and process of updating information)
- Data usage and restrictions (purpose, relevance, restrictions, legality, permission, limitations)
- Data storage (physical, off-site, electronic, back-up, cloud storage)
- Data security safeguards (physical, electronic, network, password control, disaster recovery)
- Disclosure (legality, consent, data subject awareness, data request handling)
- Responsibilities (All directors, top management, Information Officer, personnel dealing with Personal Information, vendors, contractors, suppliers)
- Complaints (process, handling, legalities, transparency)
- Retention (retention schedule)
- Destruction (destruction schedule)
Implement staff awareness training (all current staff, new appointees and regular refresher training).
Put procedures in place to monitor and enforce compliance before the due date of 1 July 2021.
We are here to help you. Contact us today to get you ready before 1 July 2021.
T: 0861 CPIWORLD (27496753)