Popia, here to protect customer data

Johannesburg – Since its dawn, July has been rather awkward with escalated messaging from numerous organisations all aimed at declaring how secure customers’ data is amid the commencement of the Protection of Personal Information Act (Popia).

There has been so many communiques that most certainly went unnoticed. However, one believes that most organisations did achieve their intention of gett ing a certain message across and in turn shaping their customers frame of reference, which will most likely be accepted as the gospel truth.


This resonated well with a citation by Jay Shett y in his book, Think Like a Monk, that “thoughts repeat in our minds, reinforcing what we believe about ourselves. Our conscious isn’t awake to make edits.”

Not only are such statements necessary for assuring customers that their personal data is in good hands, they equally serve to declare to the information regulator that data custodians have been hard at work getting their houses in order so as to display a certain level of compliance come the start of this month. Notwithstanding misinformation on its effective date, technical glitches on its registration portal and concerns on the registration of information, the Popia enforcement powers as promulgated by President Cyril Ramaphosa, came into effect last month.

With this, all organisations with access to personal data must ensure that it is safely kept; is used for purposes it was gathered for, and is not processed further unless authorised by data subjects.

This move comes at a time when customer data is easily accessible, most of which is gained in clandestine channels, often leaving customers victimised.

A report by the Global Economic Crime and Fraud Survey revealed that nearly one in 14 people in SA experienced some form of fraud last year. Moreover, impersonation and identity theft increased by 337% in the same year.

Ineffectiveness in the enforcement of laws has been deemed a major contributor to such data breaches. With Popia coming into effect, entities with access to personal information are now subject to a set of minimum standards relating to data privacy and security, in addition to regulations relating to the distribution and use of such information.

Ordinary customers are now empowered to report any data mismanagement to the information regulator who, in turn, is tasked with investigating such allegations.

If found guilty, organisations could be fined up to R10-million or could have their accountable officers imprisoned for a period not exceeding 10 years.

• Gwala is an enterprise data governance manager at Alexander Forbes, he writes in his personal capacity.

Sizwe Gwala.

Also read: 

#ShutdownSA protests intensifies as army is deployed

Gauteng protests hindering Emergency Medical Services responding to distress calls

Watch: Zuma’s children show support for their dad and criticises Ramaphosa leadership

Kwesta dealt financial blow as EP is blocked due to Ayanda Jiya’s dispute with producer

Ayanda Ncwane quits Real Housewives of Durban

Open Mic Productions backs up Master KG claims over Jerusalema royalty claims

Follow @SundayWorldZA on Twitter and @sundayworldza on Instagram, or like our Facebook Page, Sunday World, by clicking here for the latest breaking news in South Africa. To Subscribe to Sunday World, click here.

Sunday World

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest News