OP-ED: Think Data Protection First, POPIA Compliance Will Come

By Staff Writer

Information security and data privacy are at the core of the Protection of Personal Information Act (POPIA). Companies that prioritise the safeguarding of their proprietary and customer data will benefit from better business resilience in the face of increased cybercrime while simultaneously complying with the Act.

“A robust and resilient business should be your primary goal. Rather than focusing only on compliance, use this as an opportunity to sharpen your organisation’s data protection capabilities. Once you understand how POPIA and other information security standards, such as ISO27001, can benefit your business, it’s like hitting two birds with one stone: you take appropriate and reasonable steps to fine-tune how your business works with confidential information, and compliance follows naturally,” says Charl Ueckermann, CEO at AVeS Cyber Security.

The elements required to protect personal information are the very same elements needed for the protection of other valuable information in a business. CIOs and IT Managers should address the confidentiality, integrity and availability of data, and cover both the cyber and physical security aspects of information protection. For instance, controls must be in place to stop employees from accessing or downloading information that they should not be privy to, as well as preventative measures and policies around sharing information in other ways, such as telephonically or by saving information onto a USB device and leaving it lying around.

The first step is to identify which information needs to be protected in the organisation: “Any information that you deem as critical to your business or mentioned in POPIA should be protected. This can include information about employees and customers, product information, research data, financial information and other intellectual property,” says Ueckermann.

Starting with a facilitated POPIA assessment is a productive and cost-effective way to help a business determine how compliant they are with POPIA, which sections of the Act are applicable based on the nature of their operations, and which information should be protected. Different companies in different industries will need to take different steps. Additionally, what applies to a big corporate may not apply to a small or medium-sized business.

“A guided assessment further provides valuable insights into where there are gaps and how to prioritise addressing them. An implementation roadmap often follows a good POPIA assessment to show where to focus information protection efforts to meet POPIA’s requirements timeously,” says Ueckermann.

Ueckermann concludes saying that a proactive approach to information security now will help companies to ensure that their houses are in order, and done cost-effectively, before the POPIA grace period ends in June 2021.

“If you are not already thinking about information security, there is no better time than now. Look beyond compliance and focus on protecting your business, your intellectual property and the stakeholders that are linked to it. As you take steps to take control of your information and organisational processes, you will also prepare for POPIA. The great value-add of having control of your information is that breaches are less likely to be missed and you will have the tools and systems in place to respond quickly to, and recover from, security incidents.”

Bandile Mathebula

Award wining writer and Journalist. Founding Editor In Chief at Sibizi News. Managing Director at Sibizi Media. Vice-Chairman at Ignite Young Minds SA. I have worked in the media industry for the past 7 years working across different brands and industries.

Leave a Reply

Your email address will not be published. Required fields are marked *

Next Post

Microsoft Is Most Imitated Brand For Phishing Attempts In Q3 2020

Mon Oct 19 , 2020
Views: 37 Check Point Research issues Q3 Brand Phishing Report, highlighting the brands that hackers imitated the most to lure people into giving up personal data SAN CARLOS, CA – 19 October, 2020 – Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a […]

Let’s get social

Our doors are open to you! Upon arrival, we’ll ask you to fill out our COVID screening form then we’ll also conduct a temperature check. This is for your safety as well as ours.

Sun City Renovates Children’s Centre / North West

Read more below...

#ophanage #charity #suncityresorts #donations #sibizinews

We've seen the messages & we've heard what you've had to say & we want to #KickTheDebt. We're now pledging an additional R1 million to our #KickTheDebt campaign! Converse is now giving R2 million to help fight student debt! Visit https://conv.me/ConverseKTD to apply.

Genial executive Chef returns to Sun International - @TheMaslowHotel

Read more below...

#food #foodie #themaslowhotel #chef #suninternational #knownmagazine

People are not just physical – there is a spiritual side to each of us and that’s where Fetola Magic comes in.

What magic do you experience in your business?

Load More...
Wordpress Social Share Plugin powered by Ultimatelysocial