5 data management essentials for your data privacy program

Almost everybody working with personal data will be aware of the glut of legislation, worldwide, that is seeking to protect consumers against the abuse of their personal data. In Europe, GDPR; in South Africa, PoPI, in Nigeria, DPR; in California, CCPA… Around the world, data laws are changing to promote the ethical use of consumer…

What is reasonable when it comes to PoPIA?

Another post following #ITWebGDPR2018 earlier this month. In his talk on the cost and compliance obligations of the GDPR, governance specialist Peter Hill made the point that risk, as it is referred to in the regulation, refers to risk from the perspective of the data subject. In other words, companies implementing GDPR, and PoPIA, must…

information privacy

PoPIA needs attention now!

A typical response to questions around PoPIA compliance is “we don’t need to worry about PoPIA (the South African Protection of Personal Information Act) until it’s fully implemented”. I’ve heard similar comments at several conferences.  It seems that South African companies are waiting until the last minute and assuming that they will have enough time…

POPIA and the data lifecycle

Are you ready to manage your own data breach?

“breach” An act of breaking or failing to observe a law, agreement, or code of conduct. A break in relations. A gap in a wall, barrier, or defence, especially one made by an attacking army\ Oxford English Dictionary Last week’s revelation that the personal information of over 30 million South African has been compromised. The exposure…

sassa

SASSA controversy and “creepy” data

Many South Africans will be familiar with the recent controversy over the renewal of the Net1 contract to pay social grants. I prefer not to engage with the merits of the Net1 decision – ultimately the I do not have access to the facts. The realities of whether an alternative could have, or should have, been…