For the first time South Africans will have their constitutional right to the privacy of their personal information enforced.
Protection of Personal Information or Data Privacy are terms that many South African organisations are only beginning to encounter. With the promulgation of the Protection of Personal Information law and the need for organisations to undergo privacy compliance journeys, does your organization understand the basic principles of protecting personal information according to the forthcoming law?
Deloitte Risk Advisory has produced a tutorial video on the key principles contained in the Protection of Personal Information law to assist your organization in creating data privacy awareness in preparation for the new compliance processes that organisations will be soon facing. The tutorial video has the Deloitte subject matter experts on data privacy discussing the key principles of this new law whilst providing you with a practical, easy to understand tutorial.
Protection of Personal information Act (PPI) will bring South Africa in line with international data protection laws and at the same time will protect personal information collected and processed by public and private organisations.
Personal information privacy presents a growing challenge as organisations must adapt and comply with complex international laws on how they handle personal information. The Act requires organisations to establish appropriate policies and procedures to protect the various forms of data that are part of their business operations.
Deloitte approach each matter with the view to providing workable, practical PPI solutions – underpinned by the focus of building trusted partnerships with our clients.
|Understanding the importance of PPI|
|Challenges clients face with PPI|
|The first steps to becoming PPI compliant|
|Identifying value-adds beyond minimum compliance|
|The Deloitte offering|
|Benefits to your organisation|
If you process information such as names, addresses, e-mail addresses, ID numbers, employment history, health data that are associated with an individual; or if you outsource your data to third parties, your organisation will have to comply with PPI. All organisations have personal information about shareholders, employees, customers, suppliers so PPI affects every area of your business.
Organisations should consider:
Non-compliance with the provisions of the Act may result in criminal fines, civil liability and complaints to the regulator.
There are fourteen information protection principles which establish minimum requirements for the processing of personal information which should be considered before you become compliant:
Organisations can gain significant business performance improvements by approaching the Protection of Personal Information Act as a strategic opportunity rather than a compliance cost. There are advantages to be gained within a company, for example:
Data is any company’s greatest asset – its value needs to be optimised within the framework created by the law, corporate governance requirements and customer expectations. In addition, clients that begin this project now can be positioned as front runners in the data privacy space, giving them a competitive advantage. Deloitte is able to offer the convenience of a flexible, integrated multifunctional process by encompassing all areas related to the PPI challenge.
Click on the image to enlarge...
In this way, Deloitte harnesses PPI into an opportunity which offers organisations more value through the compliance process.
Click here to view our latest media releases