Data Privacy and Compliance

What is data privacy compliance?

Privacy compliance law states how organizations (regardless of their industry) meet regulatory and legal requirements for collecting, processing, and maintaining personal information.

A breach in data privacy can lead to legal consequences and may be followed by investigations and fines.

What is the POPI Act in South Africa?

The Protection of Personal Information Act (or POPI Act) is South Africa’s equivalent to the EU GDPR. It sets some conditions for responsible parties (called controllers in other jurisdictions) to lawfully process the personal information of data subjects (both natural and juristic persons).

What is the Popi act, and what is its purpose?

The POPI Act protectsgoal of the POPI Act is to protect data subjects from security breaches, theft, and discrimination. To accomplish this, it outlines eight principles that South African data processors must follow to accomplish this. Each principle encourages responsibility, security, and consent.

The eight information protection principles contained in the Bill are the following:

  • RPrinciple 1: Accountability
  • RPrinciple 2: Processing Limitation
  • RPrinciple 3: Purpose Specification
  • RPrinciple 4: Further Processing Limitation
  • RPrinciple 5: Information Quality
  • RPrinciple 6: Openness
  • RPrinciple 7: Security Safeguards
  • RPrinciple 8: Data Subject Participation

Data Strategy Questions everyone is asking of businesses:

  • tWhat data do you have of mine?
  • tWhen did you get it?
  • tWhy did you get it in the first place?
  • tWhat are you doing with it now?
  • tWho is seeing it?
  • tWhere is it backed up?
  • tHow long will you keep it?

Any business must, in terms of the POPI Act, be able to answer any DSAR Request (data subject access request) by a person or company within a specified time frame. The average cost of such a request is around R17,800. Imagine if your company experienced hundreds if not thousands of these DSARs in a month? Could your company manage the load and remain compliant?

The Challenge

The problem is that company data is stored in many different places:

In the cloud
In third-party software applications
On hard drives
On backups
All over the place

Data proliferation, increased data protection and privacy legislation, and data loss incidents are top-of-mind concerns for businesses today. Organizations are tasked with protecting their data footprint to address these challenges. Still, they find that it can be complicated to protect sensitive data if you don’t know what you have or where it resides within the ecosystem. This lack of data insight puts organizations at risk for data breaches, reputational damage, and fines for non-compliance with data protection laws.

How does a company scan peta bytes of data, both past, and present, to be in a compliant position to understand which data is sensitive and they must keep or which data can they get rid of or shred?

The Solution

An intuitive, intelligent, automated, and robust solution that can manage and protect your company data in real-time, providing you with real-time dashboards, stats, and real-time access when needed.

Spirion Sensitive Data Platform (SDP) provides Privacy- Grade™ data discovery and purposeful classification in a highly scalable SaaS hybrid architecture, able to thoroughly scan both on-premises endpoints/servers and cloud repositories at enterprise scale. It quickly and automatically discovers, classifies, and remediates almost any form of sensitive data or personally identifiable information (PII) anywhere on-premises, in the cloud, and on all endpoints.

Three ways that SPIRION reduces RISK:

  • Discover your data
  • Classify your data
  • Protect your data

We're Here To Help!

Privacy Policy

10 + 13 =


VNQ Systems , 3rd Floor,
Skeen Office Park
16 Skeen Boulevard
Bedfordview 2007


Monday – Friday:
8:30 AM – 17:00 PM

Call Us

011 450 33 79