In the March 2022 EngineerIT panel discussion, now available online, three industry leaders discuss the Protection of Public Information Act (PoPIA) which came into force in July last year. The discussion was around the question if POPIA was of benefit to business or a hindrance.
The participant in the discussion are: Kevin Halkerd, Risk and Compliance Manager e4; Karl Blom, Senior Associate Webber Wentzel and Sumeeth Singh, Head: Cloud Provider Business VMware SSA.
All three participants were in agreement that that PoPIA was a benefit to business and it aligns South Africa with the rest of the world sending a clear message that their data is safe in South Africa. But as with all regulations it is the compliance and ultimate enforcement by the authorities that makes implementation successful. The POPI regulator is understaffed for the role it must play with only a small number of staff dealing with reported infringements.
The act does not differentiate and applies equally to all businesses from small to large. Compliance may particularly be difficult for “Mom-and-pop" stores. The suggestion is that perhaps there should have been a different approach. One example is a garage, the owner is more concerned with fixing customers' cars than customers' information.
Listen to this interesting discussion about how businesses generally are befitting from PoPIA, even if you did not think so. The panellist also make suggestions of how "Mom and Pop” stores can go the PoPIA route.