SMEs get PoPI right with self-assessment info tool

27th February 2015

By: Bruce Montiea

Creamer Media Reporter

  

Font size: - +

An increasing number of small and medium-sized enterprises (SMEs) are benefiting from information security and privacy professional services firm 4Di Privaca’s Protection of Personal Information (PoPI) Impact Self-Assessment service tool, says company CEO Drew van Vuuren.

Launched in October last year, the tool helps SMEs gain a greater understanding of the extent to which they must comply with the PoPI Act regarding the collection and processing of clients’ personally identifiable information by working through the six distinct assessment areas outlined by the tool.

“The PoPI Act was promulgated in November 2013 and, since then, organisations have been racing against the clock to take reasonable steps to comply with it,” says Van Vuuren.

He adds that the service, accessible through a secure online portal, takes an organisation through a series of questions addressing all the principles and conditions defined in the Act.

“The . . . tool . . . assesses the organisation against the specific requirements outlined in the Act, as well as how, when . . . and why organisations collect and process personally identifiable information,” explains Van Vuuren.

He adds that, rather than expecting the respondent to have read the Act in its entirety in an attempt to interpret what is required, 4Di Privaca’s questions have been designed to be easily understood by the average businessperson.

Key Aspects

The assessment addresses all the key aspects of the Act, with more than 150 easy-to-answer questions and examples of the practical controls needed to meet the requirements of the Act, says Van Vuuren.

Each question has a description of the expected control measure that needs to be implemented. The tool also features a facility that enables users to communicate with experts to gain a clearer understanding of the requirements of the particular facet of the Act highlighted in the question.

“Designed to be completed in a few simple steps, with the flexibility to pause and return to the assessment, 4Di Privaca’s tool was created to enable businesses to work through the process of assessing where their risk exposures are in terms of PoPI compliance.”

Once a company completes the PoPI impact assessment, it is provided with a detailed report on its current risk exposures.

This report indicates how compliant the organisation is in terms of a percentage score, and provides remediation recommendations on how the organisation can review its broader business practices to ensure that it conducts the collection and processing of personally identifiable information in a way that ensures compliance with the Act, concludes Van Vuuren.

Edited by Samantha Herbst
Creamer Media Deputy Editor

Comments

The functionality you are trying to access is only available to subscribers.

If you are already a subscriber, you can Login Here.

If you are not a subscriber, you can subscribe now, by selecting one of the below options.

For more information or assistance, please contact us at subscriptions@creamermedia.co.za.

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION