The Act itself can be very complicated and confusing as it contains a large volume of legal jargon and focuses especially on the corporate environment.
Being a Managed Business Services technology provider, at Itec we deal with personal information from many customers, on a daily basis. It is vitally important to us that we as a business abide by the regulations set out in the POPI Act.
Unfortunately, there is no official accredited training or certification available to you, which means that you will need to either have a lawyer involved to guide you on your compliance journey or take time out of your busy schedule to do research on the Act requirements and how they affect your business.
In the age of digital transformation, it can be tricky to protect personal information to the extent at which is required. We are here to help! Below we have set out the solutions we are able to offer and where they fit in with regards to the POPI Act requirements. Let us help you on your journey to becoming POPI compliant.
The POPI Act sets forth 8 conditions for the lawful processing of personal information. These conditions address how organisations demonstrate accountability of ensuring they respect the privacy of individuals in South Africa.
8 POPI CONDITIONS
1
ACCOUNTABILITY
Organisation/person responsible for data compliancy.
2
PROCESSING LIMITATION
Collecting and using minimal information, with consent from data subject.
3
PURPOSE SPECIFICATION
Data collected for a specific purpose and data subject advised of purpose.
4
FURTHER PROCESSING
LIMITATION
Regulates further processing of personal information collected in point 3.
5
INFORMATION QUALITY
Responsible party to ensure that collected data is complete, accurate, not misleading and up to date.
6
OPENNESS
Be open about the collection of data and purpose for data usage.
7
SECURITY SAFEGUARDS
Technical and organisational measures to ensure integrity of data.
8
DATA SUBJECT PARTICIPATION
Data subject can request confirmation of their data being stored and a description.
See where Sophos fits in from a compliance perspective in the Security Safeguards condition.
See where Printsol fits in from a compliance perspective in the authentication of who accesses the data.
See where doc-IT fits in from a compliance perspective in the document/content storage space.
Tell me more about how you can help with POPI Compliance
Please complete this form in as much detail as possible.