Pro­tect per­sonal info or else...

Sunday World - - World Of Jobs - STAFF REPORTER

IS the Pro­tec­tion of Per­sonal In­for­ma­tion (Popi) Act just an­other piece of leg­is­la­tion trumped up by politi­cians or is it just good busi­ness prac­tice that has been ne­glected over the years ?

Gone are the days when com­pa­nies could be lack­adaisi­cal in their ap­proach to the pro­tec­tion of their client s per­sonal in­for­ma­tion. Ig­nor­ing the Popi Act will soon re­sult in hefty fines and even jail sen­tences.

Sys­tems to store and pro­tect per­sonal in­for­ma­tion have be­come a ma­jor threat to or­gan­i­sa­tions and, more specif­i­cally, to the busi­nesses or in­di­vid­u­als who en­trust their per­sonal or busi­ness in­for­ma­tion to them.

As a re­sult, thou­sands of South African com­pa­nies now find them­selves in an un­com­pro­mis­ing po­si­tion.

Pal­la­dium Busi­ness So­lu­tions man­ag­ing di­rec­tor Stephen Cor­ri­gan says th­ese risks can be split into three cat­e­gories. Com­pa­nies that ac­knowl­edge the rul­ings and opt to em­bed the risk and not take ap­pro­pri­ate ac­tion to be­come Popi Act com­pli­ant. Se­condly, com­pa­nies that re­alise their cur­rent sys­tems will soon be ob­so­lete and are now tak­ing steps to­wards com­pli­ancy.

And, fi­nally, in­sti­tu­tions that naively as­sume be­cause they have a rep­utable soft­ware in place, wrongly adopt the view that [it] is enough to match the re­quire­ments of the act.”

The Popi Act is im­mi­nent, with an an­tic­i­pated com­mence­ment date of July 2016. The leg­is­la­tion fun­da­men­tally in­di­cates that per­sonal in­for­ma­tion is a pre­cious good and busi­nesses found

…not to treat their clients in­for­ma­tion in such a way, will in­cur a strict penalty.

The Popi Act per­mits fines up to the value of R10-mil­lion with the pos­si­bil­ity of a jail sen­tence. Pleas of ig­no­rance and naivety of the act will not shield busi­nesses from pun­ish­ment. The sever­ity of penal­ties will be de­ter­mined solely by the ex­tent of in­fringe­ment and de­gree of neg­li­gence.

Be­cause of the strin­gent penal­ties, it s im­per­a­tive ev­ery busi­ness is mind­ful of the con­di­tions of the Popi Act and ex­er­cises due dili­gence

Cor­ri­gan says de­ter­min­ing which ac­count­ing soft­ware to pur­chase has never been so crit­i­cal. The as­sump­tion that all ac­count­ing soft­ware providers are se­cure and Popi Act com­pli­ant, is a com­mon mis­con­cep­tion and com­pa­nies need to be aware of this.”

The Popi Act de­mands ad­e­quate mea­sures in place that al­low com­pa­nies to dic­tate and mon­i­tor em­ployee ac­cess to client in­for­ma­tion. Not ev­ery reg­is­tered em­ployee on an ac­count­ing sys­tem needs ac­cess to the per­sonal in­for­ma­tion of clients to carry out their du­ties. A sys­tem should pos­sess se­cu­rity fea­tures that en­able the com­pany to tai­lor em­ployee ac­cess to cer­tain ar­eas.

It s also im­per­a­tive there are safe­guards in place to en­sure client in­for­ma­tion can­not be com­pro­mised, to con­sider how data is stored and how eas­ily sys­tems can be hacked or com­pro­mised.

At the end of the day, ex­er­cis­ing due care in the pro­tec­tion of third party per­sonal in­for­ma­tion shouldn t be re­garded as an­other piece of la­bo­ri­ous leg­is­la­tion, it s the right thing to do.”

5/9

(Prefer­ably In­dian/White/Coloured Fe­male) (Plus Con­tri­bu­tion to Med­i­cal Aid, Pen­sion Fund, Group Life, Hous­ing and Trav­el­ling Al­lowance of 550 per month)

IN­TER­NAL AU­DI­TOR

Salary:

Level:

Newspapers in English

Newspapers from South Africa

© PressReader. All rights reserved.