https://www.engineeringnews.co.za

KPMG: POPI takes effect

14th April 2014

  

Font size: - +

This article has been supplied as a media statement and is not written by Creamer Media. It may be available only for a limited time on this website.

KPMG Services (Pty Ltd)  (0.06 MB)

It has now been announced that certain sections of the Protection of Personal Information Act came into effect on 11th April 2014. The relevant sections deal with the establishment of the information regulator, the procedure for making regulations and the nature of the regulations which the Information Regulator may make with regards to POPI (including how complaints will be submitted, investigations, administrative fines and the responsibilities of the information officer of a company), amongst others.

The fact that the provisions allow for the establishment of the Information Regulator before the remaining provisions of POPI become effective means that companies cannot rest on a belief that the establishment of the regulator will cause further delays with regards to the implementation of this legislation.

POPI aims to give effect to the constitutional right to privacy of consumers by introducing measures to ensure that organisations process personal information in a fair, responsible and secure manner. The legislation covers why and how they collect, use, disclose and store personal information belonging to natural and juristic persons.

Graham Teare, head of KPMG’s privacy multi-disciplinary team in South Africa, says, “Globally, we are seeing a move to enforcing privacy protection, with significant regulatory fines in the cases of non-compliance.”

All companies, that process personal information, are required to comply with POPI. Non-compliance has serious consequences, such as fines and possibly, prison terms, and most significantly reputational risk.

“Organisations should not underestimate the potentially negative effect of a non-compliance on the company’s reputation,” says Teare. “The consequences of a tarnished reputation, including customers’ loss of trust in the organisation could far exceed the effects of a fine.”

Nikki Pennel, KPMG legal privacy specialist, acknowledges that most companies have some sort of privacy standards and processes in place. However, she suggests that organisations conduct an analysis identifying gaps in their current state of privacy readiness for compliance with POPI.

“Critical to the gap analysis is identifying practical strategies which can be implemented easily and are aligned to the operations of business,” explains Pennel.

Teare suggests that “POPI should be considered from a number of perspectives - legal, business processes, systems and overall governance, amongst others.”

Complying with POPI is challenging as proven in the Breaches of Privacy and Loss of Data Survey, conducted by the Ponemon Institute (using 2012 data), on breaches of privacy in the United Kingdom. The survey identified negligent employees or contractors (37%), system and business process failures or glitches (29%), malicious or criminal attacks (34%) as root causes for data breaches.

“Companies therefore need to ensure that their current processes, employees or contractors and systems can handle the potential demands POPI could place on them,” cautions Teare. “The Act should not be viewed in isolation. It provides a broad framework but must work in conjunction with other industry-specific legislation which touches, to some extent, on data protection.

“POPI requires a dedicated team of specialists with a full complement of privacy experts to assist clients navigate the new legislation,” explains Teare. “An effective POPI team should comprise of specialists from Corporate Law, Information Technology, Regulatory Compliance team and Forensics. The POPI solution will have to be commercially-focused, client-centric and practical.”

To watch Creamer Media's latest video reports, click here
 

Edited by Creamer Media Reporter

Comments

Showroom

VEGA Controls SA (Pty) Ltd
VEGA Controls SA (Pty) Ltd

For over 60 years, VEGA has provided industry-leading products for the measurement of level, density, weight and pressure. As the inventor of the...

VISIT SHOWROOM 
Yale Lifting Solutions
Yale Lifting Solutions

Yale Lifting Solutions is a leading supplier of lifting and material handling equipment in Southern Africa. Yale offers a wide range of quality...

VISIT SHOWROOM 

Latest Multimedia

sponsored by

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION







sq:0.216 0.273s - 158pq - 2rq
Subscribe Now