Posts

Are you ready for POPI?

SA’s largest data breach & how you can protect your data

It turns out SA’s largest recorded data breach was traced to a Web server registered to a real estate company based in Pretoria, Jigsaw Holdings. They are a holding company for several real estate franchises including Realty1, ERA and Aida. Apparently, this website had exceptionally lax security and contained a database of 75 million records, including the records of 60 million SA citizens.

It seems that hacking wasn’t required to get access to these records as the information was easily accessible on an open Web server. The same credentials were used everywhere and allowed full administrator access across all the databases on the server. All personal data was contained in a single database in clear text. It indicates an overall lack of even the most basic security awareness.

Jigsaw Holdings missed the mark on so many levels, information governance and security was never considered. Read more

POPI and Human Resources

The bulk of personal information in a particular business is often found in Human Resources (HR) departments. Yet, HR departments are often overlooked in the compliance exercise – partly because employee personal information is seen as less important and risky than customer personal information and because of the enormity of the task.

Read more

POPI is signed into law — what should business know right now?

There are a couple of things that have to happen before the Act will become a reality for business: The President has to publish a commencement date in the Government Gazette; then businesses will have at least a year to comply; then an Information Regulator will have to be appointed and its office established.

Read more

Five Strategies to Protect Your Organizations in the Cybersecurity Age

“That means any business can be a target and suffer the consequences of a cyber-attack, and every business needs to take appropriate measures to protect itself.” This article gives five steps that every company can afford to take to protect itself against cyber attacks.

Protect data availability to comply with POPI

“Protecting customers’ personal information against loss or damage is just as important for companies considering the Protection of Personal Information (POPI) Act as protecting it against theft and unauthorised access.”

 

Get a head start on POPI with these 5 tips

“If one considers that between 70% and 80% of South African adults have been victims of cybercrime in their lifetime, the Protection of Personal Information (POPI) Act is an essential leap forward in South African legislative terms, as it is the first piece of legislation to specifically address, as its main objective, the protection of personal information.”

 

Organisations need to gear up for POPI

The Protection of Personal Information (POPI) Act is currently a hot topic, given the imminent nature of its implementation. Since the penalties for contravention of the Act can be severe, many organisations are beginning to prepare themselves for compliance. Here’s what your organisation should be doing.

 

Crib notes: Popi is here for you

Do you still have a few lingering questions about POPI? What will it really mean for you? This article answers all those questions and more.

 

Five lessons from recent cyber attacks to protect your organisation from risk of data breach in 2016

Data privacy and cybersecurity are two of the biggest concerns that companies holding personal data face in 2016. This is no surprise as 2015 saw an alarming increase in data breaches worldwide and a number of incidents in Hong Kong.

EU – U.S. Privacy Shield Unveiled

On February 29, 2016, the European Commission (“Commission”) published a draft adequacy decision and related documents that are intended to implement the EU-U.S. Privacy Shield (“Privacy Shield”).