OP-ED: Think Data Protection First, POPIA Compliance Will Come

By Staff Writer

Information security and data privacy are at the core of the Protection of Personal Information Act (POPIA). Companies that prioritise the safeguarding of their proprietary and customer data will benefit from better business resilience in the face of increased cybercrime while simultaneously complying with the Act.

“A robust and resilient business should be your primary goal. Rather than focusing only on compliance, use this as an opportunity to sharpen your organisation’s data protection capabilities. Once you understand how POPIA and other information security standards, such as ISO27001, can benefit your business, it’s like hitting two birds with one stone: you take appropriate and reasonable steps to fine-tune how your business works with confidential information, and compliance follows naturally,” says Charl Ueckermann, CEO at AVeS Cyber Security.

The elements required to protect personal information are the very same elements needed for the protection of other valuable information in a business. CIOs and IT Managers should address the confidentiality, integrity and availability of data, and cover both the cyber and physical security aspects of information protection. For instance, controls must be in place to stop employees from accessing or downloading information that they should not be privy to, as well as preventative measures and policies around sharing information in other ways, such as telephonically or by saving information onto a USB device and leaving it lying around.

The first step is to identify which information needs to be protected in the organisation: “Any information that you deem as critical to your business or mentioned in POPIA should be protected. This can include information about employees and customers, product information, research data, financial information and other intellectual property,” says Ueckermann.

Starting with a facilitated POPIA assessment is a productive and cost-effective way to help a business determine how compliant they are with POPIA, which sections of the Act are applicable based on the nature of their operations, and which information should be protected. Different companies in different industries will need to take different steps. Additionally, what applies to a big corporate may not apply to a small or medium-sized business.

“A guided assessment further provides valuable insights into where there are gaps and how to prioritise addressing them. An implementation roadmap often follows a good POPIA assessment to show where to focus information protection efforts to meet POPIA’s requirements timeously,” says Ueckermann.

Ueckermann concludes saying that a proactive approach to information security now will help companies to ensure that their houses are in order, and done cost-effectively, before the POPIA grace period ends in June 2021.

“If you are not already thinking about information security, there is no better time than now. Look beyond compliance and focus on protecting your business, your intellectual property and the stakeholders that are linked to it. As you take steps to take control of your information and organisational processes, you will also prepare for POPIA. The great value-add of having control of your information is that breaches are less likely to be missed and you will have the tools and systems in place to respond quickly to, and recover from, security incidents.”

Bandile Mathebula

Award wining writer and Journalist. Founding Editor In Chief at Sibizi News. Managing Director at Sibizi Media. Vice-Chairman at Ignite Young Minds SA. I have worked in the media industry for the past 7 years working across different brands and industries.

Leave a Reply

Your email address will not be published. Required fields are marked *

Next Post

Microsoft Is Most Imitated Brand For Phishing Attempts In Q3 2020

Mon Oct 19 , 2020
Views: 52 Check Point Research issues Q3 Brand Phishing Report, highlighting the brands that hackers imitated the most to lure people into giving up personal data SAN CARLOS, CA – 19 October, 2020 – Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a […]

Let’s get social

Bujwa no Dzet presents the 'Ncika Remix' now available on all digital platforms. @Dzet_wabantu

Read more below
#artisit #gqom #lean #music #ncikaremix


In celebration of the festive season of Ramadan, Gerena Free Fire is introducing its first Ramada-themed event, Light of Ramadan.

Read more below...
#entertainment #event #games #Rewards #technology


The African Coalition on Menstrual Health Management (ACMHM) is collaborating with UNFPA, the United Nations sexual and reproductive health agency, which will be held from 25 until 27 May 2021.

Read more below...
#communities #family #healthcare #women


Did someone say Comedy?

Comedy lovers I have some thrilling news for you ,5 HeavyWeight comedy show is coming to Carnival City for one night only.

Read more below...
#comedy #competition #entetainment #show


Smart on-demand emergency response services app, Trigger, today announced it has broadened its offering to include the National Sea Rescue Institute (NSRI).

Read more below...
#digital #mobileapps #safety #technology #trigger


Load More...
Wordpress Social Share Plugin powered by Ultimatelysocial