Ф franciscronje.com

  • Home
  • Services
  • POPIA
  • About
  • POPIA WORKSHOPS
  • Blog
  • Referrals
  • Contact
  • Terms of Use

The National Assembly approved POPI

9/12/2012

7 Comments

 
All parties approved the Protection of Personal Information Bill (POPI) during its second reading at the National Assembly on 11 September 2012. It will now find its way to the National Council of Provinces (NCOP) before final enactment.

With these latest developments, it is quite astonishing to observe the increased and sudden spark of interest across  various industries.

Finally organisations have the proposed piece of legislation (POPI) on their doorstep and cannot allow themselves to persist in postponing remediation efforts.

From our experience, it can take moderate to large organisations anything between 4 - 12 months to conduct a Privacy Gap Analysis, or also sometimes loosely referred to as a Privacy Impact Assessment (although this term should ideally be associated with internal efforts).

The subsequent remediation effort (depending on the findings) can take anything between 6 months to 3 years and is an ongoing process. I am therefore sometimes amased to see how some large organisations are still downplaying POPI - the impact it will have on their processes and their way of doing business going forward - by continuing with stalling the process of embarking on a POPI project.

Most companies are oblivious to the fact that POPI has far reaching effects on almost every aspect of their business (Legal & Compliance, HR, Information Governance, CRM, Information Security, Records Management etc.) and that consequences of non-compliance could have dire consequences, not just from a regulatory perspective, but even more so from a reputational perspective.

Oneman operators as well as SMMEs should also familiarise themselves with the
workings of POPI. Too much emphasis are sometimes placed on the larger organisations and it would seem that an insignificant amount of smaller entities have studied the impact of POPI on their own dealings and day to day operations.

An ineffective Regulator (which I doubt), will not halt civil remedies offered to the public and organisations and SMMEs alike are well-advised not to underestimate the prowl and awareness of current day consumers and customers.

Remember, you can have security without privacy, but you cannot have privacy without security.

Receiving therefore only security (physical and IT) consulting on your systems and operations or gaining purely legal advice, will prove futile. A comprehensive data protection analysis, encompassing a balanced approach with thorough understanding of POPI and the organisational environment it affects, should in our opinion be considered.

Download a copy of the final draft of POPI here.
7 Comments
Francis Cronje link
10/18/2012 06:39:51 am

Hi Savi. First and foremost the Bill needs to be enacted (in other words it needs to be signed by the President). Therefater the formation of the Information Regulator will start, which makes out part of the implementation process. This might take some time and could last anything from 2 - 8 months.

Reply
growing weed seeds link
5/27/2013 06:41:16 am

It is hard to protect the personnel data, so it is important to have the Protection of Personal Information Bill (POPI). The facts that you given about this bill are very informative and useful. Thank you for the article that is related to POPI.

Reply
online link
9/24/2013 07:34:02 am

not everyone understands why and who needs it yet. but eventually everything will fall into its places.

Reply
custom essays online link
10/21/2013 02:52:06 am

In most parliamentary computers, the demean home is the also omnipotent home during the amphetamine home is only a room of instruction or audit. Thanks.

Reply
grant proposal writing link
10/29/2013 03:37:44 pm

Thank you for another important article. Where else can you get this information in a comprehensive way of writing? It took me a week, and I am looking for information.

Reply
online link
11/3/2013 10:14:30 am


I'll right away clutch your rss as I can not to find your e-mail subscription link or newsletter service. Do you've any? Kindly permit me know so that I may just subscribe. Thanks.

Reply
methods of data collection link
1/17/2014 03:52:22 am

There should not even be dialogue, too late, the horse has bolted. What a lot of ludicrous tomfoolery in this thread and replies. Has it ever occurred to anyone that it is The National Assembly that is falling into the age-old trap of timidity in the face of an insidious enemy that has no such qualms about lying and other underhand tactics? Too bad methods of data collection do not have the facility to think ahead and to think clearly but instead are ruled by emotion alone.

Reply



Leave a Reply.

    Author

    Francis Cronje is an Information Governance specialist and provides insight from a legal and governance perspective on a wide range of topics in the Information and ICT sphere, including matters pertaining to the Protection of Personal Information (POPI) / Data Protection / Privacy, Information Security and other related topics.

    View my profile on LinkedIn
    Follow @franciscronje

    Archives

    September 2017
    January 2016
    September 2015
    July 2015
    May 2014
    February 2014
    November 2013
    August 2013
    July 2013
    June 2013
    May 2013
    March 2013
    January 2013
    November 2012
    September 2012
    August 2012
    June 2012
    April 2012
    March 2012
    February 2012
    January 2012
    September 2011

    Categories

    All
    Corporate Governance
    Data Protection
    Developing Countries
    Ict
    Information Security
    Ncop
    Popi
    Privacy
    Protection Of Personal Information
    South Africa
    Zuma

    RSS Feed

  • Home
  • Services
  • POPIA
  • About
  • POPIA WORKSHOPS
  • Blog
  • Referrals
  • Contact
  • Terms of Use