The POPI Act in South Africa sets conditions for how you can lawfully process personal information. It has been signed by the President and is law. You will only have one year from the commencement date to comply or face significant consequences. There is also a business case for the POPI Act. There have been many false starts, but now is the time to act.
If your organisation processes personal information, complying with the POPI Act is your problem. Those in the Financial Services, Healthcare and Marketing sectors, in particular, will be affected by the POPI Act. The objective on the POPI Act is to protect people from harm and their right to privacy.
The POPI Act is a difficult law to understand and apply to your specific circumstances because it deals with intangible concepts.
How can you comply?
We help many different organisations from many different industries comply with POPI. What we’ve realized is that:
- some organisations want to comply themselves (for example, by attending one of our workshops described on this page),
- others want to comply with our guidance by joining the Michalsons POPI Compliance Programme, and
- others want us to do what needs to be done to comply for them by asking us to quote on specific action items.
What happens if you don’t comply?
- Suffer reputational damage
- Lose customers and fail to attract new ones
- Pay out millions in damages to a civil class action
- Be fined up to R10 million or face up to 10 years in jail
Your main motivation for complying with the POPI Act should be to protect people from harm.
This is serious, you need to take action now. You can also get business value out of complying with the POPI Act – there is a strong business case.
Raise your Awareness by attending a Workshop
We offer a seminar, webinar, workshop, or executive briefing on this topic presented by an expert with practical experience. We give examples throughout.
- Get an overview of this complex law and know what practical action to take. Get up-to-speed quickly. Understand the effect of the POPI Act on your organisation.
- Get expert practical legal advice and guidance, but use your resources.
- Save time and fast track your compliance efforts whilst still applying good management principles.
- Identify your main areas of concern.
- Get a bird’s eye view and a detailed analysis of the specific practical issues that concern you.
- Find out how to comply and implement POPI in your organisation.
- Find solutions to fill gaps. Plan what you need to do, and when.
- Make your POPI project a success.
Public seminars on the POPI Act
Listen to this short video (about 2 minutes) in which John Giles (the managing attorney at Michalsons) talks about the Michalsons POPI Act workshops and explains what they entail.
Our POPI Act public seminars in 2012, 2013 ,2014, 2015 and 2016 have been well received. These are the next scheduled Public workshops:
- Cape Town: 6 June 2017 from 09:00-16:00. Book your seat.
- Johannesburg: 8 June 2017 from 09:00-16:00. Book your seat.
One delegate costs R3,920 (excluding VAT). Two or more qualifies for a 10% discount. We will serve lunch and refreshments. We limit delegate numbers, so bookings are done on a first come, first served basis. We aim to give practical insights that you can use to be effective. We do not give law lectures! We will refund you, if you do not think you received value.
Feedback from the delegates
I like the practical approach to the problem of compliance. In fact this is the first course that I have attended which actually shared a practical approach.
This is the first time that I have attended a regulatory training course that had truly practical elements to it. It was very beneficial and I feel I took away a lot of valuable ”action items”
Having been to many presentations I have to congratulate the presenters for the focus of the material and for holding the interest of the audience at all times. As one that had not been exposed to the POPI Act very much this encapsulated the bill and was presented in an understandable way. I was impressed that something this difficult was made clearer for me.
The workshop offered a practical, holistic approach on the subject of POPI compared to other workshops which are mostly just approaching the topic from a marketing perspective.
Presents digested information, saving me hours and enabling execution
I thought the seminar was very interesting and the information was presented very well by John Giles
What do we cover?
The workshop is broken down into nine sessions. Please email us and ask for the POPI Act Workshop Programme if you would like details.
- Laying the Foundation
- Overview of the POPI Act
- The Practical Impact of the POPI Act
- Why Privacy Matters – the Top Risks
- IT GRC
- Implementing Effective and Successful POPI Act Projects
- Open floor
- Take Home Points and Action Items
- Get a good understanding of the version of the POPI Act that has been signed into law.
- Reduce the penalties for non-compliance, including fines up to R10 million or prison.
- Understand how to manage the personal information you process to comply with the law, address your customer’s demands, and protect your organisation.
- Work out who in your organisation is responsible.
- Know the impact of the POPI Act on your organisation.
- Plan what you need to do for POPI in a practical way. There are many things you could do to comply with POPI, the key is to work out what you should do given limited resources and time. Now is the time to plan what you will do, when, and who will do it. Good planning, results in effective and meaningful actions that adds business value to the organisation.
- Implement some quick wins.
- Fast-track your efforts and focus on the right things.
- Reduce your overall cost of compliance.
- Minimise your risks.
- Find a practical method that suits you.
- Know where to start with your POPI project and make it a success.
We will provide attendees with:
- a copy of our comprehensive presentation covering POPI,
- a POPI word cloud,
- our POPI Mapper – a tool to map activities,
- a spreadsheet you can use to record the mapping of your activities,
- a list of POPI Action Items so that the session translates into practical action, and
- an audio recording of the event (private sessions only).
What sets us apart?
- We have significant practical experience dealing with these specific areas.
- Our sessions are interactive – you are able to ask questions, have your specific issues dealt with, and influence what gets discussed.
- Our sessions are tailored to the attendees – we ask you questions in advance so that we know what your issues are and your existing level of knowledge.
- You are able to network with other people at the event.
- We do not give sales pitches, which is unfortunately so often what speakers do at conferences.
- We provide insight and simplify the issues, which can only be done after practically applying POPI to real business issues.
- We empower you and do not try to entrench ourselves in your organisation.
- The topic gets covered more comprehensively when one person leads the discussion for a day, rather than many different people covering the same ground. It is not different people covering the same issues superficially in different ways.
- We cover the same ground in one day, rather than two. This saves you time and money. We tell you what you need to know, not everything.
Who should attend and why.
Anyone tasked (or involved) with complying with POPI. Very intelligent, experienced and educated people often attend our workshops. They usually know more about their fields than we do, so we see ourselves as facilitators helping the group to explore the topic. We always encourage people to add their value at any stage.
- Legal advisors (corporate lawyers or in-house lawyers) – to provide good legal advice on privacy issues.
- CIOs and IT Managers – to manage ICT.
- IT Operators – to ensure that ICT operates within the bounds of POPI
- IT Security officers – to secure ICT and personal information.
- IT Governance officers and specialists – to govern ICT.
- Information officers – to balance access to and protection of information. To stay out of jail.
- Marketing Managers – to market in accordance with the law.
- Compliance officers – to effectively comply with privacy laws.
- Auditors and assurance providers (internal and external) – to audit and provide assurance regards privacy
- Risk Officers and Managers – to manage privacy risks.
- HR and Payroll Managers – to ensure that the personal information of employees is protected.
- Credit Managers – to ensure that personal information of creditors and debtors is protected.
- Pension Fund Trustees – to ensure that the personal information of beneficiaries is protected.
- Directors (executive and non-executive, CEOs and FDs) – to discharge their legal duties and direct the course of the organisation, especially directors of organisations whose business is the processing of personal information.
Which organisations does POPI affect most?
Any organisation that processes a lot of personal information. This could be an organisation in the public (like the Department of Home Affairs) or private sector (like a bank or a medial aid). The industries that are most affected are Financial Services, Healthcare and Marketing. Banks, retailers, credit providers, insurance companies, medical aid companies, hospitals, direct marketers, business process outsources and telcos are some of the organisations on which POPI is high impact. The essence of some businesses is the processing of personal information – the impact on them is huge.
Who is the presenter?
John Giles is a trusted independent professional legal adviser, who is a practising attorney. He is currently helping many people understand the practical impact of POPI on their organisations. He helps them to comply with POPI and implement effective privacy projects. He has also presented over 50 times on the topic to thousands of people. John is an information, communications and technology (ICT) lawyer. He has 13 years of practical experience applying his knowledge to organisations to help them grow and avoid legal problems, difficulties, and disputes. He was one of the drafters of the IT Governance chapter in King III™.
How long is it?
We provide this course in different formats. Public and private sessions can last for anything from 45 minutes, half a day or a full day. We also provide eCourses that can be done via the Internet at your convenience. We welcome enquires for more information and details.
If you are interested, please complete the form on the right or enquire now. We will contact you to find out more about your requirements and give you a quote.