Personal Information Management Services 

PoPIA Assessments and Implementations

We will help you understand and successfully address the organisational impact of the Protection of Personal Information Act, no.4 of 2013 (PoPIA) 

Our scope of Personal Information Management Services aims to identify organisations’ Protection of Personal Information Act (PoPIA) (no 4 of 2013) readiness gaps and build their collective competence in addressing these risks efficiently and effectively. The AVeS Cyber Security team consists of experts who are here to equip customers and clients to prove their ongoing PoPI Compliance to clients, auditors and the Information Regulator.

Refer to our Payment Card Industry (PCI) Compliance solution for information specific to protecting payment card data against loss and fraud. 

Data classification groups according to PoPIA

What is affected by the Protection of Personal Information Act? 

• Organisations’ policies and procedures regarding the collection, processing, and storage of personal information 

• Contractual agreements with suppliers

• Bring-Your-Own-Device (BYOD) usage 

• Data or device encryption capabilities 

• Incident response communication plans around informing customers/clients/ suppliers (data subject) of data breach 

• Organisation’s marketing tactics and permission to use specific data 

Our PoPIA Compliance Framework

It is all about owner consent and legal responsibility