Consumer Protection Act: 8 Quick facts for compliance

warrantyThe South African Protection of Personal Information (PoPI) bill is getting a lot of attention due to the wide reaching consequences of non-compliance.

With all this attention, it is easy to forget that PoPI is not yet law. In many ways, PoPI acts as an extension of the 2011 National Consumer Protection Act (CPA) which is already in effect, and has a number of clauses that affect data management.

  1. The rulings by the National Consumer Commission (NCC) have significant implications for both companies and their executive teams. The NCC will enforce these rulings and should they not be adhered to, non-compliant organisations will suffer severe consequences.

2.  The Consumer Protection Act (CPA), which is enforced by the NCC, sets out the minimum requirements to ensure adequate consumer protection is South Africa.

Let us have a quick look at the CPA and the data management implications.

3. The CPA has significant data management implications, in particular legislating how information must be stored, how data privacy must be maintained and that data quality must be ensured.

4.  For many organisations the lack of a single customer view will make it difficult to comply with the requirement to properly manage “do not contact” demands from customers across multiple product lines or business units. [Tweet this]

5.  Data Governance, historically focused on traditional legislated sectors such as financial services, is now relevant across all sectors. Businesses need to implement appropriate levels of data governance in order to ensure legislated levels of data quality and data privacy are met across the enterprise.

6.  The quality, reliability, security, accessibility and usability of a company’s data dictate the effectiveness of the organisation managing risk and compliance. This can be achieved through a well orchestrated data governance program and quality master data

7. In many ways, compliance with the CPA puts us on the path to PoPI compliance too.

8.  The real value of an enterprise data governance program lies in gaining reuse from the efforts we put in place to manage data better, rather than simply allowing us to comply with individual legislation.[Tweet this]


Image sourced from

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.