POPI Act Compliance

Thank you for filling the POPI Compliance Checklist Form.

Introduction:

Section 14 of the Constitution of the Republic of South Africa, 1996, provides that everyone has the right to privacy, and the right to privacy includes a right to protection against the unlawful collection, retention, dissemination, and use of personal information. To this end, the Promotion of Access to Information Act, 2000, and Protection of Personal Information Act (POPIA), 2013 were enacted.

Objective:

Assessment of the gap in your entity’s ‘As-Is’ and ‘To-Be’ with regards to POPIA

Result of assessment:

Answering “No” to any of the questions puts you at risk.

For Lawful Processing of Personal Information, your entity, referred to as ‘The responsible party’, must ensure that the conditions set out in POPI, and all the measures that give effect to such conditions (listed below), are complied with at the time of the determination of the purpose and means of the processing and during the processing itself.

  1. Accountability;
  2. Processing limitation;
  3. Purpose specification;
  4. Further processing limitation;
  5. Information quality;
  6. Openness;
  7. Security safeguards; and
  8. Data subject participation.

The above result thus indicates that your entity currently (does not appear to be/appears to be) in a position as envisaged by the content of the POPI Act to lawfully process personal information in its possession.

Recommendation:

In (resolving/improving) the above, we recommend that your entity follow a 4 Steps approach to implement the requirements under POPIA; namely:

Step 1 – Perform a Gap Assessment,

Step 2 – Perform a risk assessment,

Step 3 – Formulate a project steering and resource/planning, and

Step 4 – Implementation Project.

Conclusion

Based on the above result, your entity does (not appear / appear) to have (done enough / done some work), in readiness for POPI compliance, which may leave you open to undiscovered data breaches and Information Regulator’s investigations leading to potential enforcement action.

Our team can be on-site in a matter of days – to assist you with any of the phases/stages of POPI that your entity might be currently in need of assistance and identify your processing risks in just a few hours.

Please fill the form below to talk to us.

Contact Details:

PHONE:
+27 (0) 11 02 11 384

Email:
info@overlandconsulting.co.za