How to become POPI compliant

It is critical that your business begins its preparations to become POPI compliant as soon as possible, according to Mats Knutsson, lead solution consultant at Micro Focus.
Knutsson made the statement during a presentation at the Micro Focus Realise 2020 digital event, where he noted that while becoming completely POPI compliant may seem like a daunting task, you must make significant headway in your data privacy journey.
Knutsson also said that good general information governance is the core foundation upon which POPI compliance should be built.
“If you have a good starting point, the data privacy element comes quite easily,” said Knutsson.
The 4 key tenets of data privacy compliance
Knutsson added that there are four key things to consider in your journey to becoming POPI compliant:
- Store personal data securely and minimise access to this data.
- Remove personal data where it is not required and where there is no current user consent.
- Respond to Subject Access Requests.
- Report any breaches or loss of personal data both to regulators and individuals.
One of the biggest inhibiting factors to achieving these core data privacy principals is large data volumes.
“At Micro Focus we see a number of cases where companies have an excess of data where they have historically collected as much as they could,” said Knutsson.
“There is therefore lots of this data lying around to this day which needs to be cleaned up.”
Knutsson added that businesses with high entropy data environments – where there is a lot of unorderly data storage across the business – will find it more challenging to become fully POPI compliant.
How to approach POPI
Knutsson said that Micro Focus approaches data privacy laws like POPI in three ways.
Firstly, it has a wealth of software products, including ControlPoint, Data Privacy Manager, Content Manager, Secure Data, and NetIQ.
“Each of these products is great on their own, but the real value is when you integrate them to meet all your data privacy needs,” said Knutsson.
He also noted that Micro Focus uses a continuous five-point process which it has found to be most efficient when ensuring optimal data privacy compliance.
This process involves the following:
- Respond
- Discover
- Remediate
- Catalogue
- Report
Finally, businesses should segment their data so that different data types can be treated optimally.
This is particularly important in the case of human-generated and machine data, as these data types often need to be addressed differently.
Contact Micro Focus
If you haven’t started your POPI compliance journey yet, or if you are struggling to navigate this process, Micro Focus is equipped to help you.
Click here to find out more from Micro Focus.