The POPI Act – When Exactly Is the US Going to Jump on the Bandwagon?
The date of General Data Protection Regulation (GDPR) compliance is now very near. Add to that the Protection of Personal Information Act (POPI), which will apply to all South African institutions or legally recognized organizations. An article I read mentioned some specific instances of personal information that may have been not spelled out in GDPR, such as private correspondence, religious beliefs, and details of your sex life – no, I am not kidding. Accountability for businesses is R10 million ($807,200) or 10 years in jail. They aren’t kidding about this.
It seems the US government hasn’t recognized the need to protect citizens’ information – the same citizens, mind you, who voted them into office. The US still lacks a single, comprehensive federal law that regulates the collection and use of personal information. Instead, the government has approached privacy and security by regulating only certain sectors and types of sensitive information, for example, health and financial, which creates overlapping and contradictory protections.
As we have seen from Equifax, Yahoo, and Uber, US companies are not very willing to admit to a data breach. What could they have done to prevent those breaches? Well, they could have put the appropriate security infrastructure measures in place to protect consumer data, and set guidelines for IT and security staff about identifying and protecting privacy information. Unfortunately, it appears they did neither.
What has this got to do with you? If you are not impacted by GDPR, or POPI for that matter, then nothing really, except encouraging corporate responsibility and ethical behavior, putting your own information governance and privacy protection policies and processes in place now, until you are forced to.
That’s where we can help. Our conceptClassifier platform can identify semantic multi-term metadata from unstructured, semi-structured, and even structured data. No hunting, searching, creating, or tuning reports until you ‘think’ you have identified all the privacy information, from all repositories. This enriched metadata is auto-classified to one or more taxonomies, where it can be tuned and tweaked by business subject-matter experts.
Our webinars also address the topics explored in our blogs. Access all our webinar recordings and presentation slides at any time, from our website, in the Recorded Webinars area, via the Resources tab.