Simplify POPIA Compliance For Cybersecurity

The Protection of Personal Information Act (POPIA) is South Africa’s data protection law. It aims to monitor, protect and regulate the processing and flow of personal information within and outside organisations to ensure the legitimate use of personal data. POPIA follows the implementation of similar regulations elsewhere in the world, most notably the European Union’s General Data Protection Regulation (GDPR) and California’s Consumer Privacy Act (CCPA). 

POPIA empowers South African citizens with enforceable rights regarding their personal information, including the right to access, the right to correction, and the right to erasure, also known as the right to be forgotten. 

POPIA was signed into law on 26 November 2013 and was made effective in July 2020. Organisations have been given a grace period until 1 July 2021 to put appropriate measures in place to comply with the regulations contained within POPIA.