Understanding the Information Regulator's priorities is no longer just good practice; it's essential to avoid enforcement action. Having attended the Regulator's recent stakeholder breakfast, we can distil the key lessons and confirmed changes that will shape the compliance landscape in […]
The Information Regulator stakeholder engagement revealed the regulator's thinking on how to comply with the Protection of Personal Information Act (POPIA) and the Promotion of Access to Information Act (PAIA). More importantly, the regulator confirmed expected amendments to the POPIA [...]
DORA compliance for vendors is now a live requirement, and selling technology to European financial firms is therefore like constructing a new building in a crowded city: you must meet the code, welcome inspections, and prove the structure can take [...]
For many, being GDPR certified or obtaining GDPR certification is the holy grail. It provides proof that you comply with the GDPR and other data protection laws. This is especially true for processors that process personal data on behalf [...]
The AI policy for public healthcare in the Western Cape (WCG) is in motion. The policy promotes the use of AI tools to address institutional capacity constraints and varying skill levels. Meaning that developers and deployers of AI-enabled healthcare tools [...]
Let's talk telco cybersecurity in South Africa. Securing a telecommunications network is like trying to tune into a radio station amid heavy static: operators must carefully adjust both their security controls and their compliance processes to cut through the noise. [...]
What is cybersecurity compliance mapping? Navigating cybersecurity compliance today is like conducting a precise archaeological dig: you must carefully uncover each layer of obligations without damaging your organisation's underlying structure. Each jurisdiction, sector, and obligation presents distinct challenges, demanding meticulous [...]
We've all got that chaotic drawer at home — a messy collection of old chargers, mystery keys, forgotten receipts, and batteries that may or may not work. While such clutter at home might only cause mild frustration, allowing your business [...]
Today, the South African information regulator held a webinar called "Ask the Regulator". The purpose of the webinar was to allow participants to ask the regulator questions and for the regulator to encourage and support them in complying with POPIA […]
GDPR vs POPIA. How do they compare? The key is to identify the differences and similarities between the GDPR and the POPI Act. For example, who needs to comply with them, do they both apply to the same data [...]
Wouldn't it be lovely if there were a comprehensive checklist that could help you comply with POPI or POPIA? Because the Protection of Personal Information (POPI) Act in South Africa is a principle-based law, it is not possible to [...]
The Information Regulator was created by the Protection of Personal Information Act (POPI Act). POPI gives the Information Regulator teeth - it has extensive powers to investigate and fine responsible parties. Data subjects can complain to the Information Regulator [...]
