POPI at a glance
What you need to know about the Protection of Personal Information Act (POPI)
POPI is a law that regulates how personal information (of a person or company) is collected, used, stored, disseminated, modified and destroyed.
Personal information includes:
- Contact details
- Demographic data
- Employment/financial/educational/criminal/medical history
- Biometric data
- Opinions of/about a person
- Private correspondence
POPI states:
- Information can only be collected for a specific purpose
- Collected information must be secured and protected
- Information must be relevant and up to date
- Only information that is needed can be stored
- Information can only be stored for as long as it’s needed
- People/companies are allowed to view their personal information that has been collected and stored
Non-compliance can result in:
- Fines of up to R10 million
- Jail time of between 1 year and 10 years
Business benefits:
- Increased customer confidence
- Improved database reliability
- Reduced reputational risk
High-risk areas:
- Email messages (including incorrect recipients)
- Social media
- Mobile devices and USBs
- Passwords
- Unsecured WiFi networks
Compliance checklist:
- Information officer
- Company-wide POPI policy
- Advanced security and encryption software
Winstel’s ground-breaking IT solutions help businesses mitigate data risks and ensure POPI compliance, improving transparency, reputation and business confidence.
Download our POPI infographic below.