Entries by

Safeguarding Data: Process (Operations)

Each business is different so when it comes to process, i.e. making PoPI part of your business operations, the advice and solutions will be different. In general though it is important that you: Review and update all your standard and special agreements. It would be best to seek legal counsel on this. Review and update […]

Computer Faire 2003 – Sandton Convention Centre

If you were not at the Sandton Convention Centre for the 2003 Computer Faire this year, you’ve missed out! WorkPool was in attendance along with our other business partners and supporting vendors at the Sun Microsystems Solutions Pavilion. WorkPool exhibited on the Sun Solutions stand in conjunction with MB Worksoft and Samsung Contact (Datrix Solutions). […]

WorkPool receives Pick of the Year!

In a nutshell, WorkPool is a business-management tool which enables you to manage and track your client relations, individual employee’s work progress, your schedule, and company projects – to name but a few. What originally caught my attention was the fact that WorkPool is fully Internet and/or intranet based, depending on your current network setup. […]

Safeguarding Data: Public and Private Cloud

Strictly speaking, public and private clouds fall under the previous heading regarding service providers and software as a service, however due to its rise in popularity and unique set of challenges associated to it, it is discussed separately. Cloud services have probably transformed and benefited the small to medium size businesses in a much more […]

Safeguarding Data: Service Providers and Software as a Service (SaaS)

The Act makes YOU responsible and accountable to be knowledgeable and implement appropriate measures to protect personal information. You remain accountable and responsible even if you outsource services. If you are going to share any personal information with service providers or business partners, make sure it is in the best interest of your customers and […]

Safeguarding Data: Technology

For small businesses, their choice in technology solutions will be key to making or breaking their compliance with the requirements of PoPI. The PoPI Act says that responsible parties must take “appropriate, reasonable technical and organisational measures” to ensure the integrity and prevent the loss of information. As discussed in previous sections, businesses and business […]

Safeguarding Data: People

Education, education, education. Putting the most advanced and expensive systems and controls in place will not protect information if the people involved are negligent and/or ignorant in protecting personal information. It is important that you create awareness and a culture of protecting personal information through education. This includes orientation and guides for new staff and […]

Safeguarding Data: “The chain is only as strong as the weakest link”

The requirement around safeguarding of data probably has the biggest and most challenging implications to businesses. You can no longer look at and manage your business as being made up of separate, independent parts, but rather, must connect all the pieces when it comes to effectively managing personal information. Therefore, with all due respect to […]

Complaints Process: “Guilty until proven innocent”

Under the PoPI Act you are responsible to safeguard all forms of personal information of other entities in your possession and be able to prove that you have taken appropriate and reasonable steps to do this. In fact, it would be up to you to disprove any claims and/or satisfy the Regulator that you have […]

Disclosure/Notification: “Oops … sorry to HAVE to tell you … but we’ve lost your data … again …”

As a custodian of personal information it is not only your responsibility to ensure you put adequate physical and electronic security measures in place to protect your data subjects’ personal information but also to notify them if such measures have failed. Such communication could take the form of: a letter mailed to the last known […]