Global leaders in the design and implementation of IT governance frameworks and mechanisms.
More than 10 years experience in the protection of personal information (POPIA).
Consulting services, software solutions and wide range of training available.
OVERVIEW
The Protection of Personal Information Act requires that responsible parties ensure that any processing of personal information conforms with the eight conditions for the lawful processing of personal information. The processing of human resources (HR) information of job applicants and workers is an area of high-risk.
SEMINAR OBJECTIVES
Participants will obtain an understanding of the legislative requirements for the processing of personal Information that apply to Human Resource management. On completion of this seminar, participants will be able to:
SEMINAR OUTLINE
Participants will learn through discussion and practical examples how to prepare for and address the organisational, procedural, technical and legal requirements of the legislation for the Protection of Personal Information that impact Human Resources.
This seminar includes topics about:
OVERVIEW
The Protection of Personal Information Act has been finalised. All public and private bodies are required to record their processing of personal information in their PAIA Information Manual prior to actually processing it.
All public and private bodies are required to ensure that the processing of personal information is lawful and that personal information in their possession is always secure. Failure to do so will have serious consequences and may result in criminal proceedings and civil claims for damages.
The Protection of Personal Information Act specifies eight conditions for the lawful processing of personal information. Regardless of whether the organisation is a large corporate, government department, school or research organisation, it will have to ensure that the processing of personal information is lawful and all personal data in its possession is properly acquired, secured and destroyed when obsolete.
SEMINAR OBJECTIVES
Participants will obtain an understanding of the legislative requirements for the processing of personal Information. On completion of this seminar, participants will be able to:
SEMINAR OUTLINE
Participants will learn through discussion and practical examples how to prepare for and address the organisational, procedural, technical and legal requirements of the legislation for the Protection of Personal Information.
This seminar includes topics about:
OVERVIEW
The Protection of Personal Information Act requires that the heads of public bodies and CEO’s of private bodies register with the Information Regulator the details of the postal and street address, phone and fax number and, if available, electronic mail address of their Information officers and any Deputy Information Officers so that data subjects and the Information Regulator may contact these individuals regarding access to information and compliance with the conditions for lawful processing of personal information set out in the Protection of Personal Information Act.
The purpose of this seminar is to assist Information Officers and Deputy Information Officers understand their role and responsibilities in terms the Promotion of Access to Information Act (PAIA) and the Protection of Personal Information Act, including the extended duties and responsibilities contained in the Regulations issued by the Information Regulator.
It is the responsibility of the “Information Officer” to encourage the organisation’s responsible parties to process personal information lawfully and in a reasonable manner that does not infringe the constitutional rights of individuals to privacy. Processing of personal information must comply with the eight conditions imposed by the Protection of Personal Information Act. The Information Regulator has extended the responsibilities of the Information Officer to include ensuring a Compliance Framework is developed, implemented and monitored.
SEMINAR OBJECTIVES
Participants will receive an overview of the POPI Act and obtain a specific understanding of the role and responsibilities of the “Information Officer”.
On completion of this seminar, participants will be able to:
SEMINAR OUTLINE
Participants will learn through discussion and practical examples about the role of an Information Officer, the requirements of the Promotion of Access to Information Act and the Protection of Personal Information Act. Participants will discuss the issues that an Information Officer is expected to deal with in the course of discharging his/her responsibilities.
This seminar includes topics about:
This course provides delegates with an overview of the new Protection of Personal Information legislation and the significant obligations placed on those business leaders identified as the “responsible parties” and “information officers”. All public and private bodies will be affected by the requirements of this legislation. Various technical and organisational arrangements will be necessary.
The collection of personal information must be for a specifically defined, lawful purpose related to a function of the responsible party. The processing of data must be for a legitimate purpose. Data subjects must be aware of the collection of the data. Adequate business controls are required to maintain data integrity and information security must meet international standards. Data must be retained only for as long as necessary and the it must be destroyed.
SEMINAR OBJECTIVES
Participants will obtain an overview of the Protection of Personal Information Act and its implications. On completion of this seminar, participants will be able to:
SEMINAR OUTLINE
Participants will learn through discussion and practical examples how to address the organisational, procedural, technical and legal requirements for the Protection of Personal Information.
This seminar includes topics about:
OVERVIEW
The Protection of Personal Information Act has been finalised. Heads of public bodies, CEO’s of private bodies and the business leaders identified as “responsible parties” who control the purpose and means for processing information are required to ensure compliance with the conditions of lawfully processing personal information set out in the Act.
Business leaders and information officers who fail to fulfil their obligations defined in this Act may be charged with a criminal offence and face civil claims for damages.
It is the responsibility of the “Responsible Parties” identified by the CEO and listed in the PAIA to ensure that personal information is processed lawfully and in a reasonable manner that does not infringe the constitutional rights of individuals to privacy. Processing of personal information must comply with the obligations imposed by law and this processing must be necessary for legitimate interests of the body.
SEMINAR OBJECTIVES
Participants will obtain a general understanding of the legal obligations placed on “Responsible Parties”. On completion of this seminar, participants will be able to:
SEMINAR OUTLINE
Participants will learn through discussion and practical examples how to prepare for and address the obligations placed on responsible parties by the Protection of Personal Information Act.
This seminar includes topics about:
Why choose an IT Governance Network course?
The IT Governance Network's trainers have extensive knowledge and experience with the protection of personal information. Some members of staff are active Information Officers for clients and have been advising on the measures necessary to satisfy the requirements of the Protection of Personal Information Act for a number of years. Other staff participated in the Parliamentary discussions that resulted in the legislation.
COURSES
General and specialist courses address various aspects of the lawful processing of personal information. Courses are available in-house, open to the public and online.
POPI: Complying with the Act
The Protection of Personal Information Act requires all public and private bodies to process personal information in accordance with the conditions for the lawful processing of personal information. In most organisations personal information is ubiquitous and the risk of not processing personal information is high.
This course provides the attendee with an understanding of the key requirements of the Act and a road map to address the requirements and manage the risk.
POPI: Impact on HR
The processing of personal information with the human resources function presents many challenges for those responsible. Currently the misuse of personal information within HR is widespread making many organisations vulnerable to complains from unsuccessful job applicants and employees.
This course includes topics about processing personal information within the human resources function. Practical examples illustrate what is acceptable and what is unlawful.
POPI: Role of Information Officers
Information officers have a significant role in overseeing the protection of personal information and can be personally liable in some instances where they do not fulfil their responsibilities.
This course will assist attendees understand the role and responsibilities of the information officer in encouraging a public or private body complying with the requirements for the lawful processing of personal information, handle personal information requests and respond to interferences.
POPI: Obligations of responsible Parties
It is the responsibility of the “Responsible Parties” identified by the CEO and listed in the PAIA manual to ensure that personal information is processed lawfully and in a reasonable manner that does not infringe the constitutional rights of individuals to privacy.
This seminar informs heads of public bodies, CEO’s of private bodies and the business leaders identified as “responsible parties” about their role and responsibilities for processing personal information lawfully.
POPI: Security using ISO 27001
The Protection of Personal Information Act requires all organisations to implement the necessary safeguards to protect personal information according to generally accepted information security practices and procedures.
This course provides attendees with an understanding of the approach required to identify and implement the necessary safeguards to protect the processing of personal information using ISO 27001, the international generally accepted standard for information security.
POPI: Requirements for ERP Systems
Enterprise Resource Planning (ERP) systems process a wide variety of business information, including many types of personal information. ERP systems have many features that can assist responsible parties protect personal information. Omitting to use the available features could be a problem when non-compliance is reported to the Information Regulator.
This course provides attendees with an understanding of the privacy-related issues that will need attention in ERP systems.
POPI: Auditing Readiness and the Programme
The Protection of Personal Information Act is technical and complex. It has numerous requirements that impact just about everyone within an organisation, it’s customers, suppliers and service providers.
This seminar includes topics about:
SCHEDULE
View the latest Protection of Personal Information training schedule on the top menu - SEMINAR SCHEDULE.
Assess the current level of your organisation's corporate governance using this King IV assessment tool.
Conduct a COBIT assessment using this COBIT Assessment-as-a-Service.
POPIA preliminary assessments provide an efficient and effective approach to determining the extent to which the requirements of the Protection of Personal Information Act have been addressed.