Data Protection for public bodies

You process personal data for your public body when you:

• gather your clients’ personal information,
• employ your employees,
• provide services to your clients

Data protection can be complex and tricky to understand by yourself. The risks of failing to adequately protect personal data are high. Reputational damage, especially for a public body can be very damaging, and the public can lose their faith in you.

We all know by now that the Protection of Personal Information (POPIA) Act of 2013 ensures data privacy. Arguably, South Africa lacks government cybersecurity coordination (between national and municipal levels, as well as with outsourced vendors). Awareness and coordination are key to creating a culture of cybersecurity readiness. Big industries, which are also part of the public sector, hold large volumes of data and their security is important. These industries include healthcare and education.

There is a lack of adequate assessments of cybersecurity risks and insufficient transparency of these risks with other departments and public bodies, as well as data subjects. There is also the major challenge of raising and maintaining cybersecurity culture amongst South Africans, and to persuade citizens to adopt good practices for cybersecurity. Because technology develops quickly, the nature and sophistication of cyberattacks can also evolve at the same pace, if not faster. This makes public bodies vulnerable because of the personal information they hold. Public bodies must stay several steps ahead by being strategically prepared to identify, prevent and predict the attacks.

Research has shown that South Africa is one of only 28 countries globally to have a cybersecurity policy in place. South Africa also has the Information Regulator to make sure that private and public bodies comply with the provisions of POPIA. People with concerns regarding interference with the protection of their personal information can also lodge complaints with the Regulator. Interference can be classified as a breach or non-compliance. The Regulator investigates these complaints.

Your public body or entity plays a vital role within South Africa. There are many different public entities that perform many different purposes, but all of them important. To achieve these various purposes you collect and process personal data.

This lens will help you process personal data lawfully and create a culture of data protection in your organisation. Use your resources, but with our expert guidance. Transfer skills to the relevant people in your organisation and empower them to protect personal information in your organisation.

Our data protection for public bodies lens is worth joining for any public body or institution, like local governments or municipalities. This does not mean that everyone in your organisation needs to go through this programme. As a public body, we believe your core data protection team should join and work through the programme. This core team could include:

• your Data Protection Officer (or Information Officer),
• accounting officers,
• someone from IT,
• legal practitioners (legal and compliance),
• risk managers,
• your project manager,
• other relevant senior managers.

Our data protection for public bodies lens is worth joining to:

• Raise your awareness by learning about the data protection laws that apply to your institution.
• Protect your data subjects from harm by protecting their personal data that your organisation processes.
• Reduce the risks of non-compliance (like damage to your brand) by focusing your efforts
• Reduce your overall costs by doing it yourself with our assistance.

The lens condenses our core data protection programme into a through, yet manageable size for people who work in a public body. We provide you with links to useful resources, actions for you to take, and an introductory video for you to watch. To help you achieve the outcomes we also provide tools like templates, checklists and links to fast-track your compliance efforts.

• We believe in using the law as a tool to prevent harm from coming to people.
• We have significant practical experience dealing with data protection law.
• We cover only those areas of data protection law that are most relevant to you, saving you time and money.
• We provide insight and simplify the issues, empowering you to work through the obligations yourself.

Once you have joined the programme, you can decide when it would be best for you start working through it and how long you are going to take. You can go as fast or slow as you like. Sign up now to book your place.

A lens is a complimentary programme that you get access to by joining the data protection programme. It contextualises data protection for a particular audience, such as community schemes, non-profits or schools.

These lenses serve as an additional guide as you work through the core programme.

100% Money Back Guarantee

We will refund you if you do not think you received value.