Gauteng Business News

Send  Share  RSS  Twitter  06 Sep 2012

LEGAL: POPI – Take Care When Processing Personal Information


Recent Gauteng Business News

The issues surrounding security of personal information are particularly relevant when considering the provisions of the Protection of Personal Information Bill (Bill), which is intended to regulate data protection and privacy in South Africa.
“The Bill, when promulgated, will impose a number of stringent obligations on all persons who process personal information in any manner.
“Processing of information is defined under the Bill to include the collection, receipt, recording, organisation, collation, storage, updating, alteration or modification, retrieval, consultation, use, dissemination, distribution, merging, link, erasure or destruction of personal information. Persons who process personal information must also take appropriate measures to ensure that the integrity and confidentiality of personal information is maintained, including by taking, ''appropriate, reasonable, technical and organisational measures'', to prevent loss or unauthorised destruction of, damage to and unlawful processing of personal information, including by identifying all reasonably foreseeable risks relating thereto,” explains Simone Gill, Director in the Technology, Media and Telecommunications practice at Cliffe Dekker Hofmeyr business law firm.
“The measures taken are to be verified regularly to ensure that the safeguards are effectively implemented and continually updated in response to new risks or any identified deficiencies in previously implemented safeguards,” she says.

Mariska van Zweel, Associate in the TMT practice notes that the recent LinkedIn security breach that caused users passwords to be leaked once again illustrates the necessity of ensuring that adequate, appropriate security safeguards and measures are implemented to prevent unauthorised disclosure of personal information.

“According to various media reports, security experts allege that, despite LinkedIn's user statement that personal information will be secured in accordance with industry standards and technology, LinkedIn failed to follow an industry standard for encryption of user passwords,” van Zweel says.

“It is essential that all persons who process personal information in any manner embark on awareness workshops and detailed due diligence exercises to assess their level of compliance with the Bill and determine which steps are to be taken to ensure compliance, failing which they may find themselves falling foul of the obligations imposed by the Bill, which may result in criminal sanction and/or civil liability once it is promulgated,” Gill adds

HBC-SolutionsBusiness Profilesspine-alignsolarportBubble-Chair

Online Foreign Exchange
Foreign Exchange


Fax 2 Email



Online Casino


Shop Online

Study IT
Study IT Online

Web design
Web Design


Work from Home
Company News


© 2021 All rights reserved.

Daily Newsletter Subscription


Subscribe to the Gauteng Business News Daily News and information email (it's free).

Thank You
Your email address has been added.

Email Address: