What is the POPIA?

The Protection of Personal Information Act (POPIA), No 4 of 2013 promotes the protection of personal information by public and private bodies.

Protection of Personal Information (POPI) Consultancy and Assessment

The Act has been signed into law by the President of South Africa (Jacob Zuma) on 19 November 2013 and published in the Government Gazette Notice 37067 on 26 November 2013. The Act is only partially operational, with a focus on sections 39-54, 112 and 113.

Members of the Information Regulator took office on the 1st December 2016 and endeavour to fully operationalize the Act in 2018. In terms of POPIA, all public and private bodies will be expected to be compliant with its provisions within 1 (one year).

Chapter 3, outlines the conditions for lawful processing of personal information in South Africa. Responsible Parties must ensure that ALL conditions have been met, when processing Personally Identifiable Information (PII) of a natural person and, where applicable, a juristic person.

To comply with Condition 8, Security Safeguards, the responsible party must have due regard to generally accepted information security practices and procedures which may apply to it generally or be required in terms of specific industry or professional rules and regulations.

Protection of Personal Information (POPI) Consultancy and Assessment

How we can help.

Protection of Personal Information (POPI) Consultancy and Assessment

Assessment Services:

  • Scope assessment – Discover your PII information assets and your information security control environment.
  • Combined Assessment Model (CAMs) assessment – assessment covering multiple standards including frameworks such as PCI DSS, ISO 27K etc.

Technical Services:

  • Technical Testing – Scan for vulnerabilities and perform penetration testing to identify vulnerabilities and exploitable weaknesses in your critical systems and controls.

Trusted Advisory Services:

  • Engage our experienced consultants in a fully flexible way to achieve your POPIA compliance objectives.