POPI Act Training or eLearning

///POPI Act Training or eLearning
POPI Act Training or eLearning 2017-12-07T07:00:54+00:00

Are you looking for in-person POPI Act training or POPI online training or eLearning? POPI is a new law in South Africa and there are many people who need to be trained on POPI. There are various different groups of people who need to know different things about POPI. For example:

  • People who actually process personal information as part of their daily work duties need specific training.
  • Managers need to know how to comply with POPI.
  • Sales managers, call centre agents and marketers need to know about the marketing aspects of POPI (with a focus on direct marketing issues).
  • IT managers and Information Security Officers need to know the implications for information security.
  • HR managers need to know about protecting the personal information of employees.
  • Trustees of pension funds must protect beneficiaries.

It is crucial that the POPI Act training is suitable and specific to the audience. But above all it must be practical. It is important that the training adds value to you and your organisation. One that is relevant to you and that will address your specific questions and concerns. Your time is valuable and we want to make sure you spend it wisely.

POPI Posters

One idea to raise the awareness of POPI (and other IT laws like the ECT Act, or RICA) and the importance of protecting personal information is to put up posters. You can get some free information security awareness posters and a privacy awareness toolkit off the Internet, but they are not specific to POPI. We also provide a variety of posters for a specific IT or ICT Law (ECT Act, PAIA, POPI, or RICA) to raise awareness about the law. We can provide samples on request.

In person or online POPI Act Training

We offer both traditional face-to-face and online training. We are currently running in person public and private workshops on POPI Act. We are also briefing many executives. We have a lot of content that can be presented in various ways. We use many different methods to train people, from videos, to assessments, to questionnaires, to exercises.

Public or private

We offer both public and private training. If you would you like to discuss issues specific to your organisation that you would prefer to remain confidential, private training is for you.

Who is it for?

It is crucial that the POPI Act training is relevant to the specific audience. Different audiences we focus on:

  • Managers (where we focus on helping them ensure the organisation complies with the privacy requirements under POPI, NCA, CPA and other laws in an effective and practical way)
  • Processors – people who actually process personal information as part of their daily work duties

What it achieves

Our POPI Act training:

  • enables you to demonstrate to your customers and the Information Regulator that you protect personal information,
  • raises awareness amongst employees of their privacy responsibilities under the company Privacy Policy and how to reduce the risk of a privacy breach,
  • educates employees on the company POPI Policy or Acceptable Use of IT Policy,
  • integrates information-handling practices into day-to-day business activities,
  • sets up campaigns (e.g. posters, email) as well as “role-based” training.

Our programs are aimed at different audiences, as different audiences have different needs on what they should be doing.

The Protection of Personal Information Act (POPI) requires that “appropriate, reasonable” measures be taken to protect information from loss, damage or unlawful access (as does the Payment Card Industry Data Security Standard and ISO 27001). This implicitly requires companies to set up training programs to help employees understand what those measures are (security experts often say that staff (insiders) are the biggest threat to personal information, and the list of breaches maintained by the Privacy Rights Clearinghouse is dotted with incidents resulting from employee mistakes). This is particularly important as section 21 of POPI requires the company to notify the Regulator and data subject of security breaches.


  • We focus on giving  practical steps and outcomes, rather than just a summary of the law.
  • We contextualise our training and explain why people are attending and why things need to change (if things do need to change).

Interested in POPI Training?

Please fill in the form to the right or enquire now. We will contact you to find out more about your requirements.