POPIA DIY, the 10-week POPIA action plan for your practice
Because nobody knows your practice better than you do.

10 weeks

R3 500 (excluding VAT)

About 1 hour per week, online


POPI DIY. Because you know your practice best

Let’s face it, there are some things you shouldn’t try to do yourself. Off the top of our heads we’d list anything to do with electricity, diagnosing yourself from the internet (it’s never lupus), or applying self-tan lotion. It shouldn’t be done. But when it comes to protecting the personal information of your patients – who better to take charge of the process than you?

Over the next ten weeks, we’re going to send you a new mission every Monday to help you protect the personal information of your staff and patients. The action plan is designed to:

  1. Help you understand what personal information is, and help you identify the processes through which you collect, use, store and destroy it in your business
  2. Increase your awareness of privacy risks in your practice
  3. Help you protect the personal information of your patients more effectively
  4. Get you ten steps closer to complying with the Protection of Personal Information Act (POPI).

Protecting the personal information of your patients is not just about POPI compliance, it’s about trust. Your patients trust you with their personal information, and without that trust you won’t be able to do business. The reputational damage of a privacy breach tends to be much more severe than any other consequence of non-compliance. Think we’re bluffing? Here’s an infographic of the most disastrous data breaches of the last 5 years.

Who is this for?

If you have a medical practice, or a small business this programme is ideal for you.
It is not ideal if:

  • you are a listed company or business with more than 10 staff members
  • your core business is processing personal information or if a breach would mean a business interruption (e.g. you buy and sell personal information, you are a retailers of consumer goods and services who does e-commerce or has a loyalty card, you do direct marketing on a large scale, you’re a software company who processes personal information or processes personal information on behalf of other companies)
  • you already have a compliance or risk manager or in-house lawyers
  • you are part of a larger group of companies, particularly if the group shares information with each other

But even if you fall in one of these categories, the tool is great if you just want to start wrapping your head around what the POPIA is about and what it would take to plan your own POPIA project. If you are already worried about the implications of POPIA for your business, and need a project with a bit more heft, get hold of us. We can help you get going or even run the project for you.

What we’ll cover

Demystifying personal information

Focus on forms: How you collect personal information

Clearing the clutter: How to manage PI on paper

Electronic documents: Protecting digital information

Electronic documents: Protecting your records

What are operators and do you have them?

Oh @#$% a breach! What should you do?

Is sharing always caring? Giving patients access to their own records

Reviewing the risks you identified and drafting your privacy notice

A recap of the programme and a final chance for your questions

But wait, there’s more!

As part of your 10-week programme you’ll get some free lawyer time. No, you’re not being punished, we’re simply giving you the option of talking to a POPI pro about your privacy concerns as you go through the ten steps. We’ve set aside a whole hour for you to pick our brains.

Ready to roll?

What’s next?

Once you have completed the registration form, we will send you an invoice for R3 500 (excluding VAT). As soon as we receive proof of payment, we will enrol you in the programme. Easy as pie.