Tag: Information Regulator
Privacy check-in – POPIA pitfalls in the hospitality industry
South Africa's hospitality industry is seeing a shift from traditional leisure-based tourism to experience-based tourism, focused on providing tourists with unique, authentic life-enriching experiences.
Managing data governance in the era of AI
As artificial intelligence (AI) becomes increasingly integral to business operations, data governance is essential to ensure the ethical and effective use of this technology. Integrating AI responsibly into business processes must be an organisational priority.
Building a privacy-first organisation in the age of AI
With consumers increasingly aware of both the value of their data and of the threats to it, it’s never been more crucial for business leaders to respect user privacy. The South Africa’s Information Regulator has stated that local companies report at least 100 cyber security breaches every month.
Privacy by design – the cornerstone of addressing privacy risks
The privacy and protection of personal information has been front of mind for many organisations since the enactment of the Protection of Personal Information Act (POPIA) in 2013 and its subsequent commencement in July 2020.
Enforcement notice issued against the SAPS
It was with great shock that the South African society learned about the rape of several women near Krugersdorp in July 2022. But what was more worrisome was the shock of the victims upon realising that their personal details such as names, residential addresses and occupations appeared on social media platforms!
Employee privacy risk potholes to avoid
Employees are expected to remember and adhere to numerous policies, including privacy policies. Poster campaigns are rolled out to reinforce positive behaviour and still when we consider data breaches it is often unbelievable how the mistake that resulted in the breach could have possibly occurred.
Key things organisations need to do to ensure POPI compliance
The Protection of Personal Information Act (POPI) is a crucial statute for organisations to get right. Not only because the 4th Industrial Revolution (4IR) is all about data and information but also because a breach of the POPI Act could result in imprisonment and fines.
Employers can be held liable for employee data breach conduct
While the Protection of Personal Information Act (POPIA) has been in effect for a while, most employers are still not grasping the far-reaching consequences the Act poses on how they collect, store and dispose of information. POPIA affects so many aspects of the business such as the information technology systems, customer processes and information handling practices. Therefore, POPIA cannot be ignored.
Massive data breach in SA – did Experian do enough?
In mid-August 2020, approximately 23.4 million South Africans' personal information was compromised. The data breach was announced by Experian South Africa on 19 August 2020. Correctly, Experian issued a notification to the Information Regulator, but is this enough? Experian stated that 'no consumer credit or consumer financial information was obtained', but what information was then the subject of the breach?
South African Data Privacy laws finally come into force
On 22 June 2020, the effective commencement of the Protection of Personal Information Act 2013 (POPI) was gazetted as 1 July 2020.