POPI ACT
The move towards compliance starts with the first step of true understanding
Building Trust, Together
In an ever changing legislative environment, let us unify behind the POPI Act and create a safer environment for your stakeholders.
Data privacy is a fast growing requirement in the South African context formed from international standards and the GDPR.
With the increase in digitization and the public perception regarding the collection and subsequent use of information, the need to show compliance is not only necessary but an act of building trust with your stakeholders. While it is impossible to safeguard against a targeted intrusion, can you rest assured that your stakeholders information has been reasonably looked after in the eyes of the information regulator?
“It takes 20 years to build a reputation and few minutes of cyber internet to ruin it” – Stephane Nappo.
Consider the 8 Conditions for lawful processing:- Accountability of the information gathered
- Processing the minimum amount of information required
- Purpose specification of the data collected
- Further processing of any information
- Information quality and accuracy
- Openness and notifications of where the information is used
- Taking reasonable measures to ensure the security of the data
- Data subject participation including requests for deletion of data
Service Offering – Steps that need to be followed
- Formalising your POPI Compliance Project
- Appointing an Information officer
- Perform a gap analysis against the POPI Act
- Analyse how information is passing through your organisation
- Draft a POPI Compliance Policy based on your findings
- Review your Website and Online Platforms
- Update your PAIA manual
- Implement a POPIA compliant management process
POPIA 365 Partner
With a need to stay ahead of the curve, Tabaldi has partnered with POPIA365 – a customizable and user friendly platform created with the input from members that were directly involved in the creation of the POPI Act. The software makes use of the same terminologies as the act and references the relevant law allowing your business to demonstrate compliance to the letter.
POPIA365 uses a comprehensive data mapping tool, that assists in the better understanding of what personal information you are responsible for and how this is used. With an integrated system, able to assign tasks, specify due dates and review cycles, POPIA365 assists in managing the journey to compliance.
Reviewing your compliance is also made easy by generating a dashboard that shows areas of required attention or follow up for ease of tracking purposes. Using checklists, risk levels and assignable tasks, the required procedures for each compliance area can be managed through to completion and data subject requests can be handled with agility!
