POPI Compliance certification

[Flakmunki]

Howzit All,

Apologies if this post is the wrong section, this seemed to be the best fit.

At my company we deal with a lot of virtualisation and cloud solutions and the POPI compliance question and whether the setups will comply is coming up a lot lately.

For those who dont know what POPI is : http://www.justice.gov.za/legislation/acts/2013-004.pdf

Does anybody know if there is certification that can be done or training that can be attended to knowledge up on this, especially on the POPI act in the I.T space?

 

[newklear]

Howzit All,

Apologies if this post is the wrong section, this seemed to be the best fit.

At my company we deal with a lot of virtualisation and cloud solutions and the POPI compliance question and whether the setups will comply is coming up a lot lately.

For those who dont know what POPI is : http://www.justice.gov.za/legislation/acts/2013-004.pdf

Does anybody know if there is certification that can be done or training that can be attended to knowledge up on this, especially on the POPI act in the I.T space?

Hey Flakmunki

Here and here

 

[poffle]

Lol, good luck with Cloud solutions and POPI! Client data spread across multiple servers... not gonna happen.

 

[Cray]

Lol, good luck with Cloud solutions and POPI! Client data spread across multiple servers... not gonna happen.

Cloud data spread across servers in multiple countries is irrelevant as long as all data is stored in countries that have similar POPI legislation.

 

[MagicDude4Eva]

The closest you get with storing PII in the cloud is if those cloud companies comply to safe harbour rules. I guess the biggest challenge will still be jurisdiction: Let's say you host in the cloud, your cloud services get compromised due to the cloud service providers negligence and your customer data leaks - in this case you as the company will have violated POPI and would have a very difficult time to make the service provider accountable.

I personally will never host our customer data anywhere but in SA (and on our dedicated equipment). Most guys who jumped onto AWS 2-3 years ago are now having serious OPEX issues due to the exchange rate (their cost has gone up by 70% in 4 years).

 

[Flakmunki]

Thanks for the insights peeps and thx for the links Kasbah!

 

[John Giles]

I've just found this thread now and it is an interesting discussion. We don't believe it is possible to become POPI certified. We do however offer training and compliance programme for POPI compliance. And we also offer a POPIA Ready Seal.