POPIA DIY, the 10-week POPIA action plan for your business
Because nobody knows your business better than you do.
POPIA DIY. Because you know your BUSINESS best
Let’s face it, there are some things you shouldn’t try to do yourself. Off the top of our heads we’d list anything to do with electricity, diagnosing yourself from the internet (it’s never lupus), or applying self-tan lotion. It shouldn’t be done. But when it comes to protecting the personal information of your customers – who better to take charge of the process than you?
Over the next ten weeks, we’re going to send you a new mission every Monday to help you protect the personal information of your staff and customers. The action plan is designed to:
- Help you understand what personal information is, and help you identify the processes through which you collect, use, store and destroy it in your business
- Increase your awareness of privacy risks in your business
- Help you protect the personal information of your customers more effectively
- Get you ten steps closer to complying with the Protection of Personal Information Act (POPIA)
Protecting the personal information of your customers is not just about POPIA compliance, it’s about trust. Your customers trust you with their personal information, and without that trust you won’t be able to do business. The reputational damage of a privacy breach tends to be much more severe than any other consequence of non-compliance. Take a look at the most disastrous data breaches of the last 5 years and imagine your name on the list.
Who is this for?
If you have a small business this programme is ideal for you.
It is not ideal if:
- you are a listed company or business with more than 10 staff members
- your core business is processing personal information or if a breach would mean a business interruption (e.g. you buy and sell personal information, you are a retailers of consumer goods and services who does e-commerce or has a loyalty card, you do direct marketing on a large scale, you’re a software company who processes personal information or processes personal information on behalf of other companies)
- you already have a compliance or risk manager or in-house lawyers
- you are part of a larger group of companies, particularly if the group shares information with each other
But even if you fall in one of these categories, the tool is great if you just want to start wrapping your head around what the POPIA is about and what it would take to plan your own POPIA project. If you are already worried about the implications of POPIA for your business, and need a project with a bit more heft, get hold of us. We can help you get going or even run the project for you.
What we’ll cover
WEEK 1
Demystifying personal information
WEEK 2
Focus on forms
WEEK 3
Clearing the clutter – how to manage personal information on paper
WEEK 4
Electronic documents – protecting digital personal information
WEEK 5
Electronic documents – protecting your records
WEEK 6
What are operators, and do you have them?
WEEK 7
Data breach – what should you do?
WEEK 8
Is sharing always caring? Giving customers access to their own personal information
WEEK 9
Direct marketing. Can we still do it?
WEEK 10
Reviewing the risks you identified, and privacy notices.