The key provisions of the Protection of Personal Information Act, 2013 (“POPIA”), commenced on 1 July 2020, with a grace period provided to organisations until 1 July 2021 to en sure that their workplaces are fully compliant with the Act. The purpose of the law is to ensure all South African organisations conduct themselves in a reasonable and responsible manner when managing personal information by holding them accountable should they abuse or compromise personal information in any way.

Personal Information relates to a “Data Subject” which is both a natural person and a juristic person or organisation. Personal Information itself relates to any information that can be linked to a “Data Subject” that is not publicly available. The Act relates to the collection, use, storage, access, and destruction of any Personal Information.

Businesses that don’t comply with the Act, regardless of whether it’s intentional or accidental, can face severe penalties. The Act makes provision for fines of up to R10 000 000-00 (ten million rand) and/or jail time of up to 10 years.

At Ariston Global our vision is “To Become The Preferred Enabler To Business Simplicity And Success Globally.” In order to simplify your compliance and allow you to focus on your core business we have designed the following services :

  • pre-breach services:
    • the preparation of data-management policies and procedures for businesses, 
    • incident response plans, 
    • information officer services, 
    • information officer training and advice on all aspects of POPIA, including
    •  trans-border transfers of personal information.

  • post-breach services
    • breach response, 
    • mitigation of liability, 
    • breach notifications and regulatory investigations, and 
    • complex litigation matters involving data-breaches

Contact Ariston Global today should you require assistance with POPI compliance.