There are many data protection laws in the world. If you look at a map of them you’ll see that there are over 100 countries with data protection laws. Do you know which ones you need to comply with? What happens if you need to comply with many of them? What do you do if there is an overlap between data protection laws? What if you have complied with some laws already, but not with a new one? How do you go about streamlining your compliance efforts?

How do you manage the overlap between data protection laws?

These are all difficult questions and we don’t have all the answers, but the place to start is to do a comparison the laws that affect you and work out what the similarities or differences are. This comparison can be done between two laws or many laws. If you compare the overlap between data protection laws in various countries you often find that they are about 80% the same – this is what we call global law. All the data protection laws around the world are really just flavours of the same thing.

You first need to know the difference between the laws

This doesn’t mean comparing a data protection law with another kind of law. For example, in South Africa you can compare the POPI Act with other legislation (like the CPA or NCA) and create a matrix of your responsibilities under these laws.

Instead, here we’re talking about comparing two or more data protection laws with each other. For example, comparing the General Data Protection Regulation with the POPI Act, or the PIS Standard. We can help with an overlap between data protection laws that affect you.

If the extra compliance requirement is from a local law

We can provide you with a report that sets out the extra compliance requirements from a local data protection law that applies in a specific country (POPI Act, etc) in addition to what the GDPR already requires of you. This report is for an organisation that is in the process of complying with the GDPR and also has to comply with an additional data protection law in another country.

The report will help you to:

  • implement a better programme to protect personal information or data,
  • comply with both laws, and
  • avoid having to do things twice.

If the extra compliance requirement is from the GDPR

We can provide you with a report that sets out the extra compliance requirements in the GDPR in addition to what a local data protection law that applies in a specific country (POPI Act, etc.) already requires of you. This report is for an organisation that has complied with a local data protection law and now also has to comply with the GDPR.

The report will help you to:

  • fit your local compliance effort in with your global data protection compliance programme,
  • implement a better programme to protect personal information or data,
  • comply with multiple data protection laws, and
  • avoid having to do things twice.

Interested?

If you are interested, please complete the form on the right or enquire now. We will contact you to find out more about your requirements and give you a quote.