The Protection of Personal Information Act (POPI) is new data protection legislation that was approved by the South African Government in 2013. The legislation was put in motion with the introduction of the Information Regulator in 2017 and will fully take effect in early 2019.
POPI supports the Promotion of Access to Information Act of 2000 and compliance by public and private bodies will be monitored and enforced by the Information Regulator. Another responsibility of the Regulator is to issue codes of conduct for the different sectors and to make available guidelines to assist these bodies with their development and application of these codes of conduct.
Businesses of all sizes will need to prepare for POPI and be able to demonstrate compliance. Focus will fall on the transparency that businesses will need to provide to the enforcing authority, namely the Information Regulator
The main data protection regulations that businesses will need to be aware of are:
The Information Regulator will be the regulatory body that enforces POPI in South Africa. One of their functions is to administer fines for non-compliance. The fines can be substantial under POPI and can reach up to R10 million, imprisonment up to 10 years, or both.
Redstor are ISO 27001 and 9001 certified and have two-decades experience in managing and protecting data across multiple platforms for organisations of all sizes, from enterprise to SMEs to schools.
Redstor have designed and implemented well-documented data protection policies that ensure all aspects of the Protection of Personal Information Act are upheld with regards to backup data and working with data processors. Redstor have the ability to give insight into the data organisations have on their networks, advise on best practice to protect data and then implement strategies around backup, archiving and disaster recovery.