Description of the POPI Act Overview Course

This course provides delegates with an overview of the new Protection of Personal Information legislation and the significant obligations placed on those business leaders identified as the “responsible parties” and “information officers”. All public and private bodies will be affected by the requirements of this legislation. Various technical and organisational arrangements will be necessary.

The collection of personal information must be for a specifically defined, lawful purpose related to a function of the responsible party. The processing of data must be for a legitimate purpose. Data subjects must be aware of the collection of the data. Adequate business controls are required to maintain data integrity and information security must meet international standards. Data must be retained only for as long as necessary and the it must be destroyed.

SEMINAR OBJECTIVES

Participants will obtain an overview of the Protection of Personal Information Act and its implications. On completion of this seminar, participants will be able to: 

  • Articulate the requirements of the Protection of Personal Information Act
  • Demonstrate an understanding of the conditions for the lawful processing of personal information
  • Identify the technical and organisational measurements necessary for protecting personal information
  • Describe the various roles and the responsibilities of the personnel who should be concerned about the protection of personal information
  • Identify the effort required to meet the requirements of the Protection of Personal Information Act and the conditions for lawful processing personal information contained therein.

 SEMINAR OUTLINE

Participants will learn through discussion and practical examples how to address the organisational, procedural, technical and legal requirements for the Protection of Personal Information.

This seminar includes topics about:

  • Overview of the legislation for the Protection of Personal Information
  • The duties of the Responsible Party and Information Officer
  • The role of Risk Management and Compliance
  • Working with the Regulator
  • Communicating with data subjects
  • The eight conditions for the lawful processing of personal information
  • How to differentiate between personal and other data
  • How to update the PAIA manual and what records to keep about the processing of personal information
  • Identifying and mitigating privacy related risks
  • Identifying the organisational and technical arrangements necessary for the protection of personal information
  • Controlling the activities of Operators
  • Trans-border exchanges of personal data
  • Building organisational capability to manage Privacy
  • Challenges from the collection, profiling, cross-marketing, unstructured data, third party processing, secondary use.

King IV Corporate Governance Assessment

King IV assessmentAssess the current level of your organisation's corporate governance using this King IV assessment tool.

Read more...

COBIT Assessment as a Service

COBIT 5 AssessmentConduct a COBIT assessment using this COBIT Assessment-as-a-Service.

Read more...

POPIA Preliminary Assessments

it governance oversightPOPIA preliminary assessments provide an efficient and effective approach to determining the extent to which the requirements of the Protection of Personal Information Act have been addressed.

Read more...

Go to top