BUSINESS owners listened attentively to a talk on the Protection of Personal Information (Popi) Act, held at Umdlalo Lodge in Umtentweni last Friday.
Powered by Greatads The act was signed into law on November 19, 2013 and, in simple terms, the Act ensures that ‘all South African institutions conduct themselves in a responsible manner when collecting, processing, storing and sharing another entity’s personal information by holding them accountable should they abuse or compromise your personal information in any way’.
Santoosh Maharaj (vice-president business development of Pétanque International) was the keynote speaker and explained how Popi could benefit businesses, saying the legislation basically considers personal information to be ‘precious goods’.
“We have to accept that we now live in an information age and with this comes the responsibility for everyone to take care of and protect their own information.
Do not accuse someone else of sharing or compromising your personal information when you publish the very same information on public services like Facebook, LinkedIn, Google or public directories,” warned Mr Maharaj.
“Modern technology makes it easy to access, collect and process high volumes of data at high speeds. This information can then be sold, used for further processing or applied towards other ends.
He reiterated that it was vitally important to realise that this right to protection of ‘personal information’ is not just applicable to individuals but to any legal entity, including companies and communities or other legally recognised organisations.
“All of these entities are considered to be ‘data subjects’ and are afforded the same right to protection of their information. This means that while you as a consumer now have more rights and protection, you and your company/organisation are considered ‘responsible parties’ and have the same obligation to protect other parties’ personal information. As a company this would include protecting information about your employees, suppliers, vendors, service providers and business partners.”
He reminded his audience that incorporating Popi into the day-to-day operations of their businesses would most likely require a significant amount of time and effort, including educating and training staff, updating business processes and implementing or updating technology solutions.
“But if you are a custodian of personal information, it is vital that you consider Popi as there are serious implications for non-compliance,” he concluded.