Most organisations are taking a pragmatic approach to the imminent law, thinking it is a legal-only project.
With the European Union General Data Protection Regulation commencing soon, South African organisations should start preparing.
The newly-established office still needs to get its full independence as well as a meaningful budget to meet its obligations.
If you process any EU citizen data, you must comply with new EU General Data Protection Regulation, as well as with POPI.
It is important to dispose of redundant assets, to ensure POPI compliance when doing so, and to be aware of the risk of using a non-compliant disposal service.
The first mobile hard drive crusher in SA will be at ITWeb POPI Update 2017 in May.
Data security needs to follow sensitive data throughout its entire data life cycle management process, from capture through to disposal, says Craig Moir, MD of MyDBA.
The Protection of Personal Information Act requires all companies to have an information officer in place.
Varonis Systems' Data Security Platform assists in driving readiness for POPI as organisations await the proclamation of a commencement date.
Organisations are aware of the POPI Act, but unsure of its exact requirements and practical implementation.
The Internet of things emerges at a time when threats to our data and systems have never been greater, say experts.
This is aimed at helping delegates comprehend and implement POPI practically whilst improving their business processes.
It has changed its branding to Tarsus On Demand, says Jonathan Kropf, CEO, Tarsus On Demand.
The appointment of the two distributors aims to provide IT tools and accessories required to support the evolution of the mobile workforce in SA.
South African companies are being hacked as often as any other companies in any other county around the world, says Craig Moir, MD of MyDBA.
Know thy information, protect thy self.
CyberRiskAware is delighted to announce the latest addition to its user security awareness training library with the launch of a Data Protection course dedicated to enabling South African companies achieve compliance with the Protection of Personal Information (POPI) Act 2013.
The POPI module increases our library to over 28 security topics for staff to enjoy and complements other regional Data Protection courses covering United States of America (HIPAA), United Kingdom (Data Protection Act) and Ireland (Data Protection Act and GDPR).
Other topics in our awareness library include password, e-mail, social media, Web security, social engineering and public WiFi security.
All CyberRiskAware training content is designed with the user in mind and their busy schedules. Unlike all other content providers, we deliver "golden nugget" short, enjoyable and interactive content with videos never lasting more than one minute and courses less than eight minutes.
CyberRiskAware adds to its user security awareness training library with a course dedicated to helping local companies achieve POPI compliance. [Local rep: Bitrate]
Very few IT service providers to the SA healthcare industry are able to comply with the surety standards required by POPI.
A survey is being held to gather information about the needs of organisations when it comes to complying with this legislation.
There are different kinds of laws that must be complied with in different jurisdictions, says Michalsons Attorneys.
The IT asset disposal company is running an awareness campaign and is giving away free digital sanitisation software called destroyData.
Law firm Michalsons has made some predictions on the new legislations that it believes will have the biggest impact on local businesses.
SA has a number of laws that have been in the pipeline for some years and most of these regulations will come into play this year.
Michalsons believes that in 2017, data protection compliance will become urgent. This is because of the imminent Protection of Personal Information Act (POPI) – SA's data protection law. The POPI Act was signed by the president on 19 November 2013 and published in the Government Gazette on 26 November 2013. On 10 May 2016, the Portfolio Committee on Justice and Correctional Services shortlisted five candidates for the office of Information Regulator.
In October last year, a government statement confirmed the appointment of Pansy Tlakula as full-time member and chairperson of the Information Regulator.
According to Michalsons, the general data protection regulation grace period enters its second and final year, and the law firm expects POPI to commence by 24 May 2017 with a one-year grace period.
"This will mean that by 24 May 2018, you must comply with these privacy and data protection laws, whichever applies to you," says John Giles, a legal advisor at Michalsons. "There is no time to lose and much of the hard work needs to be done in 2017, especially the implementation action items."
He urges organisations to pay attention to outliers in different jurisdictions that could cause them problems or have additional data protection requirements.
"Converting any company's records and information systems to reach a state of compliance is a long and expensive process, which is why organisations realistically require a multi-year time frame. That said, it is not impossible for a company to reach a state of compliance within 12 months," says Clarke.
According to Michalsons, as more and more people buy and use drones and robots, drone law and robot law will grow in significance.
Regulations for drones, also known as remotely piloted aircraft or unmanned aerial vehicles, were put in place by the South African Civil Aviation Authority in July 2015. The local industry has since lamented that the regulations are comprehensive but limiting.
"Many people will find these laws difficult to comply with and, therefore, there will be much unlawful flying of drones," says Michalsons.
It also believes access to, or freedom of, information will be another bone to chew in 2017. "Who has access to what information when will continue to be at the heart of many disputes," the law firm says.
It points out that in today's information society, information empowers and those who are denied access to information will be disempowered and will be excluded from economic opportunities. "If you are focusing on privacy compliance, you also have to focus on access to information compliance because they are two sides of the same coin," Giles says.
South Africa has a number of laws that have been in the pipeline for some years and their impact will be felt this year.
In a world of shares, likes and selfies, is it unfashionable to ask for more discretion?
Mimecast (NASDAQ: MIME) makes business email and data safer for more than 21,800 customers and their millions of employees worldwide. Founded in 2003, the company’s next-generation cloud-based security, archiving and continuity services protect email and deliver comprehensive email risk management in a single, fully-integrated subscription service.
Mimecast reduces email risk and the complexity and cost of managing the array of point solutions traditionally used to protect email and its data.
For customers that have migrated to cloud services like Microsoft Office 365TM, Mimecast mitigates single vendor exposure by strengthening security coverage, combating downtime and improving archiving.
Mimecast Email Security protects against malware, spam, advanced phishing and other emerging attacks, while preventing data leaks. Mimecast Mailbox Continuity enables employees to continue using email during planned and unplanned outages.
Mimecast Enterprise Information Archiving unifies email, file and instant messaging data to support e-discovery and give employees fast access to their personal archive via PC, Mac and mobile apps.
Please visit www.mimecast.com
The secure process of IT Asset Disposal (ITAD) is our core business and what we specialise in, We provide secure data erasure for corporate IT equipment as well as providing reverse IT logistics, and IT asset buybacks… more details please visit www.xperien.com
Doxit is a POPI-compliant electronic document exchange service that provides certainty of recipient identities, confirmation of delivery acceptance and secrecy of transmission. Doxit is a secure alternative to email.
Tarsus Dispose-IT assists companies throughout South Africa with the compliant disposal of IT and electronic goods.
We help recover value for end-of-term equipment and manage complex logistics and reporting - at all times complying with mission-critical POPI and NEMWA industry regulations