Every captain needs a good first mate. But what if you find yourself without one? Or you have one, but they’re overwhelmed with the amount of swash they have to buckle? If you’re struggling to navigate the rocks and monsters of data protection compliance, you need an outsourced information officer worth their saltwater.
Outsource the responsibilities of the information officer to Michalsons
When it comes to the ocean of legal responsibility, Michalsons is the perfect partner to help you weather the storms.
Why an outsourced information officer?
Managing data protection in an organisation requires expertise, people, time and money. But so does every other aspect of running a business, which means that often, one or more of these is in short supply:
- Experienced information officers are rare, and vulnerable to poaching;
- Data protection teams juggle various tasks, often with a wider focus than just data protection;
- Enquiries, handling incidents and changes in the law require thoughtful responses with quick turnarounds; and
- Filling any of these gaps, or simply implementing time-saving compliance tools, is an expensive exercise.
By shifting some or all of your information officer responsibilities to an outsourced information officer (or outsourced privacy counsel), you can help relieve these stresses and set yourself up for smooth sailing.
How we can help you
While POPIA doesn’t allow you to delegate your authority and accountability under the Act, it does allow you to delegate your responsibilities. This clears the deck for you to appoint an outsourced information officer to do all the heavy lifting that POPIA requires from you. This includes:
- Encouraging compliance, like engaging with executives and running awareness campaigns;
- Responding to requests and investigations, like data subject access requests, incident notifications or Regulator investigations;
- Otherwise ensuring compliance, like registering your information officer, mapping your activities, implementing compliance policies and procedures and helping you choose and implement the right data protection compliance software.
Our offerings can take the pressure off your crew and your coffers. We set out various options for you to choose from, below. The options complement each other and you might switch options during your compliance journey.
We can be the outsourced privacy counsel helping you fulfil all of your responsibilities under POPIA. This works best when you don’t have enough people or experience to do it yourself, and want to ensure that you have continuous access to the right minds and muscle to run your compliance project for you.
Choose this option where you want to outsource your data protection function entirely.
We can be the niche specialist assisting your internal personnel with specific data protection services that they can’t do themselves. This works best when you have a general counsel who knows the basics of data protection law, but needs extra hands or experience with the more technical aspects.
Choose this option where you want to outsource niche services, to support your in-house data protection generalist.
We can provide you with tools to help your internal data protection team perform at the top of their game, like the Michalsons Data Protection Programme. This works best when you have a strong, self-sustaining team that is looking for guidance on best practices and latest developments.
Choose this option where you want access to the right tools for the job, to support your in-house data protection specialist or team.
We can act as your authorised POPIA representative. This is especially necessary for organisations who need to be registered with the information regulator (for example, because they process personal data in South Africa), but who are based outside of South Africa. In such a case, a POPIA representative takes on the role of a conduit between you and the information regulator.
Choose this option where you want us to act as your POPIA representative, to help you keep aware of complaints and regulator communications.
Our Experience
Michalsons has been a leading voice in data protection law since before POPIA was even enacted. During that time, we have gathered and shared invaluable practical experience of the ins and outs of the data protection and privacy landscape.
We have helped our clients meet their data protection responsibilities on time and under budget, including:
- running executive briefings and internal awareness workshops
- responding to information requests and guiding incident responses
- conducting personal information impact assessments
- running gap analyses and mapping activities
- implementing compliance frameworks and data protection policies
- and much, much more.
In other words, we’ve been an outsourced information officer for years – in practice, if not in name.
Our Clients
Michalsons has acted as an outsourced information officer for various clients and to varying degrees.
We have done work for clients across the globe, from SMMEs to multinationals, and across a wide range of industries, including IT service providers, manufacturers, marketers, media agencies, insurers, and healthcare providers. See what our clients say about us.
How you Benefit
With us as your outsourced privacy counsel, your data protection voyage will be a breeze. We can:
- Expertise – ensure that your compliance project is at the leading edge of data protection law, by giving you access to expert data protection attorneys;
- People – lower the pressure on your team and ensure business continuity, by assigning a dedicated team of attorneys to your project;
- Time – meet your obligations with care and diligence, by ensuring that work gets done thoughtfully and on time;
- Money – save precious budget, by lowering the costs of appointing and training up internal business resources.