SlideShare a Scribd company logo

The Popi Act 4 of 2013 - Implications for iSCM

Myron Duncan Burton Betshanger
Myron Duncan Burton Betshanger

The Protection of Personal Information Act (POPI) regulates how personal information can be processed and establishes conditions for lawful processing. It aims to protect personal information and balance privacy rights with other rights like access to information. The POPI Act applies broadly to any party that collects, holds, or uses a person's information. It impacts procurement processes by requiring consent for personal information use, only collecting relevant data, and maintaining security. Non-compliance can result in fines, damages lawsuits, and reputational harm.

Business
1 of 16
THE PROTECTION Of PERSONAL INFORMATION (POPI) Act 4 of 2013 The Implications of The Protection of Personal Information Act (POPI) for Integrated Supply Chain Management (iSCM) Presented by: Myron D. B. Betshanger Corporate Governance, Legal & Regulatory Compliance Specialist
CONTENT 1.The purpose of the Protection of Personal Information Act (POPI) Act 2.Application of The POPI Act 3. Definitions In The POPI Act 4.Condition For Legal Processing of Personal Information 5.Impact Of The POPI Act on Procurement Process 6.Consequences For Non-Compliance
The purpose of the Protection of Personal Information Act (POPI) is to:  give effect to the constitutional right to privacy, by safeguarding personal information when processed by a responsible party, subject to justifiable limitations that are aimed at:  balancing the right to privacy against other rights, particularly the right of access to information; and  protecting important interests, including the free flow of information within the Republic and across international borders.  regulate the manner in which personal information may be processed, by establishing conditions, in harmony with international standards that prescribe the minimum threshold requirements for the lawful processing of personal information;  provide persons with rights and remedies to protect their personal information from processing that is not in accordance with this Act PURPOSE of The POPI Act
APPLICATION of The POPI Act  As a result of the POPI Act, any party that collects, holds and uses a person’s personal information will have to do so under certain circumstances.  The requirements will apply to personal information that is held in relation to employees, customers, suppliers as well as prospective customers and prospective suppliers (i.e. bidders) for supply contracts.
POPI Act DEFINITIONS WHAT IS PERSONAL INFORMATION FOR PURPOSES OF POPI ?  “ Personal Information” is information relating to an identifiable, living natural person or juristic person as far as applicable.  POPI defines “personal information” very broadly to include, but which is not limited to the following – i. Information relating to the race, gender, sex, pregnancy, marital status, national, ethic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person; ii. Information relating to the education or the medical, financial, criminal or employment history of the person; iii. any identification number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person; iv. the biometric information of the person; v. the personal opinions, views or preferences of the person; vi. correspondence send by that person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence; vii. the views or opinions of another individual about the person; and viii. the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.
 “ Processing” means any operation or activity or any set of operations whether or not by automatic means, connected to personal information including – (a) the collection, receipt, recording, organization, collation, storage, updating or modification, retrievable, alteration, consultation or use; (b) dissemination by means of transmission, distribution or making available in any other form; or (c ) merging, linking, as well as restricting, degrading, erasure or deconstruction of information. NOTE: POPI only covers the processing of personal information that is entered into a record by or on behalf of a responsible party that is domiciled in South Africa, or, if not domiciled in South Africa, is using automated or non- automated means that is situated in South Africa.  “ Record” means any recorded information – a) Regardless of the form or medium, including any of the following: i. Writing on any material; ii. Information produced, recorded or stored by means of any tape-recorder, computer equipment, whether hardware or software of both, or other device, and any material subsequently derived fom information so produced, recorded or stored; iii. Label, marking or other writing that identifies or describes anything of which it forms part, or to which it is attached by any means iv. Book, map, plan, graph or drawing; v. Photograph, film, negative, tape or other device in which one or more visual images are embodied so as to be capable, with or without the aid of some other equipment, of being reproduced.
b) whether or not it was created by a responsible party; and c) regardless of when it came into existence ( NB The retrospective provision in POPI)  “ Electronic Communications” includes any text, voice, sound and imaged messages and includes the message being stored prior to the recipient retrieving it. This would include social medium platforms such as Facebook, LinkedIn, Twitter, etc in addition to e-mails, the Internet and the Intranet.  “ Consent” for purposes of POPI means any voluntary, specific and informed expression of will in terms of which permission is given for the processing of personal information. NB  It is important to note that “Consent” means specific consent . General consent will therefore not be sufficient and a specific consent for each instance in which the personal information will be dealt with, must be obtained.  The consent must have provided for exactly what personal information is required, why it is required, how it will be dealt with, and where it will be stored.  The consent must also provide for whether the personal information will be shared
 “ Data Subject” means the owner of the personal information (natural persons and/or juristic persons). In the procurement context this will mean the bidding or contracting company or services provider, its owners, managers, directors and employees.  “ Information Officer” means the person appointed by the responsible party to manage the application of POPI.  “Operator” means any person acting under a mandate or under contract of a responsible party who has a duty not to disclose personal information. In the context of procurement this means any third party to whom procurement services has been outsourced either in whole or in part. The operator must maintain the integrity and confidentiality of personal information collected.  “ Responsible Party” A private or public entity or any other person who determines the purpose of and the means for processing personal information. In the procurement context, this would be the procuring entity often referred to as “The Employer / The Purchaser” in procurement contracts.  “Regulator” means the person to be appointed to implement and enforce the provisions of the POPI Act.
Conditions For Legal Processing of Personal Information POPI sets out EIGHT (8) Conditions that must be complied with, namely – 1. Accountability (Section 8 of POPI) 2. Processing Limitation (Sections 9 - 12 of POPI) 3. Purpose Specification (Sections 13 – 14 of POPI) 4. Further Processing Limitation (Section 15 of POPI) 5. Information Quality (Section 16 of POPI) 6. Openness (Sections 17 – 18 of POPI) 7. Security Safeguards (Sections 19 – 22 of POPI) 8. Data Subject Participation (Sections 23 – 25 of POPI)
Impact of The POPI Act on the Procurement Process • Minimally: RFX /vendor registration form must only request relevant personal information from bidder/supplier, Personal information which is not relevant for bid evaluation or conclusion of a contract with a supplier must not be collected. • Consent, justification and objection: Record of consent and objections from bidder/supplier to processing of personal information throughout the tendering process. • Sources other than the data subject: Personal information (e.g. reference letter verification) that The Employer / The Purchaser needs to obtain from a third party must be collected with prior consent from the bidder/supplier. Bid preparation • Notification to data subject: The Employer / The Purchase must ensure that a bidder/supplier is aware of the purpose the information is collected, as well as the consequences of failing to provide the information. • Bid documents submitted late must not be retained longer than necessary for the purpose collected for. • Integrity and confidentiality of personal information of late submitted bids must be maintained. • Notification of security compromise to the Regulator and bidders in writing. Issue, receipt & opening of bids
• Consent, justification and objection: Record of consent and objections from bidder/supplier to processing of personal information. • Sources other than the data subject: Verification or receiving of personal information of supplier/bidder from third party must be done with prior consent from bidder/supplier. • Bid documents of unsuccessful bidders must not be retained longer than necessary for the purpose collected for. • Integrity and confidentiality of personal information of unsuccessful bidders. • Notification of security compromise to the Regulator and bidders in writing. Bid evaluation, Shortlisting & Adjudication
• Minimally: Personal information which is not relevant for conclusion of a contract with a supplier must not be collected. • The Employer / The Purchaser must put measures in place to prevent loss, damage, unauthorised destruction and unauthorised access to personal information of supplier/contractor. • The Employer / The Purchaser must notify the Regulator and supplier/contractor of the security compromise in writing. Contract award & management (general obligations)
• Contract between The Employer / The Purchaser and the operator must ensure that the operator establishes and maintains security measures to safeguard personal information being processed on behalf of The Employer / The Purchaser. • The operator must notify The Employer / The Purchaser immediately in an event where there are reasonable grounds to believe personal information has been accessed by an unauthorised person. • The contract with an operator must ensure confidentiality of personal information processed on behalf of The Employer / The Purchaser. • A supply contract with an operator must include standard clauses outlining joint responsibility in terms of the protection of personal information. • The Employer / The Purchaser must have audit rights to conduct regular audits on the operator’s security and confidentiality measures. Contract award & management (Supply Contract with an Operator)
Consequences Of Non-Compliance With The POPI Act  FINE and/or IMPRISONMENT (not exceeding 10 Years)  Any person who hinders, obstructs, or unlawfully influences the Regulator or any person acting at the direction of the regulator;  An employer who fails to comply with an enforcement notice;  An employer who violates any conditions of processing of an account number.  FINES  Administrative Fines : o The Regulator may issue an infringement notice in the event of an alleged contravention of the provisions of POPI. o The Regulator must specify the amount of the administrative fine which may not exceed ZAR 10 million. o The Transgressor may within 30 days of receipt of the infringement notices a) elect to pay the fine so determined by the Regulator, or b) make instalment arrangements with the regulator to pay such fine as imposed, or c) take the Regulator’s determination on review to the High Court.
Consequences Of Non-Compliance With The POPI Act  Civil Damages  The Data Subject may sue the Transgressor for damages or may request the Regulator to sue for damages.  The principle of strict liability applies, meaning its not necessary for the Data Subject or the Regulator on behalf of the Data Subject to prove intent or negligence.  The amount of damages that may be awarded is punitive and far in excess of what can presently be awarded under South African law. i. The damages could include monetary and non-monetary loss; ii. Aggravated damages, iii. Interest and costs  Fact that court order must be published in the Government Gazette and requirement that appropriate be made can inflict great reputational damage on organizations.
THANK YOU MYRON D. B. BETSHANGER Corporate Governance, Legal & Regulatory Compliance Specialist 16 Verveen Street Westenburg Polokwane, South Africa Mobile: +27 74 780 3862 e-mail: betshangermyron2@gmail.com LinkedIn: https://za.linkedin.com/pub/myron-duncan-burton-betshanger/37/219/1b8 Twitter: @betshangermyron

Recommended

The Protection of Personal Information Act: A Presentation
The Protection of Personal Information Act: A PresentationThe Protection of Personal Information Act: A Presentation
The Protection of Personal Information Act: A Presentation
Endcode_org
 
The Protection of Personal Information Act 4 of 2013
The Protection of Personal Information Act 4 of 2013The Protection of Personal Information Act 4 of 2013
The Protection of Personal Information Act 4 of 2013
Myron Duncan Burton Betshanger
 
GDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationGDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection Regulation
Vicky Dallas
 
POPI Act compliance presentation
POPI Act compliance presentationPOPI Act compliance presentation
POPI Act compliance presentationOvationsGroup
 
#HR and #GDPR: Preparing for 2018 Compliance
#HR and #GDPR: Preparing for 2018 Compliance #HR and #GDPR: Preparing for 2018 Compliance
#HR and #GDPR: Preparing for 2018 Compliance
Dovetail Software
 
Best Practices for Managing Individual Rights under the GDPR [Webinar Slides]
Best Practices for Managing Individual Rights under the GDPR [Webinar Slides]Best Practices for Managing Individual Rights under the GDPR [Webinar Slides]
Best Practices for Managing Individual Rights under the GDPR [Webinar Slides]
TrustArc
 
Popi act presentation
Popi act presentationPopi act presentation
Popi act presentation
Kholisile Mazaza
 
General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...
Cvent
 

Recommended

The Protection of Personal Information Act: A Presentation
The Protection of Personal Information Act: A PresentationThe Protection of Personal Information Act: A Presentation
The Protection of Personal Information Act: A Presentation
Endcode_org
 
The Protection of Personal Information Act 4 of 2013
The Protection of Personal Information Act 4 of 2013The Protection of Personal Information Act 4 of 2013
The Protection of Personal Information Act 4 of 2013
Myron Duncan Burton Betshanger
 
GDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection RegulationGDPR Basics - General Data Protection Regulation
GDPR Basics - General Data Protection Regulation
Vicky Dallas
 
POPI Act compliance presentation
POPI Act compliance presentationPOPI Act compliance presentation
POPI Act compliance presentationOvationsGroup
 
#HR and #GDPR: Preparing for 2018 Compliance
#HR and #GDPR: Preparing for 2018 Compliance #HR and #GDPR: Preparing for 2018 Compliance
#HR and #GDPR: Preparing for 2018 Compliance
Dovetail Software
 
Best Practices for Managing Individual Rights under the GDPR [Webinar Slides]
Best Practices for Managing Individual Rights under the GDPR [Webinar Slides]Best Practices for Managing Individual Rights under the GDPR [Webinar Slides]
Best Practices for Managing Individual Rights under the GDPR [Webinar Slides]
TrustArc
 
Popi act presentation
Popi act presentationPopi act presentation
Popi act presentation
Kholisile Mazaza
 
General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...General Data Protection Regulations (GDPR): Do you understand it and are you ...
General Data Protection Regulations (GDPR): Do you understand it and are you ...
Cvent
 
Personal Data Protection in Malaysia
Personal Data Protection in MalaysiaPersonal Data Protection in Malaysia
Personal Data Protection in Malaysia
MSC Malaysia Cybercentre @ Bangsar South City
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_indiaAltacit Global
 
GDPR training
GDPR training GDPR training
GDPR training
ASL
 
An Overview of GDPR
An Overview of GDPR An Overview of GDPR
An Overview of GDPR
The Pathway Group
 
Werksmans presentations on popi
Werksmans presentations on popiWerksmans presentations on popi
Werksmans presentations on popiWerksmans Attorneys
 
GDPR 2.0 - Data Controllers v Processors
GDPR 2.0 - Data Controllers v ProcessorsGDPR 2.0 - Data Controllers v Processors
GDPR 2.0 - Data Controllers v Processors
Adam Wood
 
GDPR: Training Materials by Qualsys
GDPR: Training Materials by QualsysGDPR: Training Materials by Qualsys
GDPR: Training Materials by Qualsys
Qualsys Ltd
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...
IT Governance Ltd
 
[Presentation] GDPR - How to Ensure Compliance
[Presentation] GDPR - How to Ensure Compliance[Presentation] GDPR - How to Ensure Compliance
[Presentation] GDPR - How to Ensure Compliance
AIIM International
 
GDPR Introduction and overview
GDPR Introduction and overviewGDPR Introduction and overview
GDPR Introduction and overview
Jane Lambert
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
Kimberly Simon MBA
 
California Consumer Privacy Act (CCPA): Countdown to Compliance
California Consumer Privacy Act (CCPA): Countdown to ComplianceCalifornia Consumer Privacy Act (CCPA): Countdown to Compliance
California Consumer Privacy Act (CCPA): Countdown to Compliance
Tinuiti
 
Introduction to GDPR
Introduction to GDPRIntroduction to GDPR
Introduction to GDPR
Priyab Satoshi
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
Priyanka Aash
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection ActSaimaRafiq
 
PDPA Compliance Preparation
PDPA Compliance PreparationPDPA Compliance Preparation
PDPA Compliance Preparation
LawPlus Ltd.
 
GDPR: Key Article Overview
GDPR: Key Article OverviewGDPR: Key Article Overview
GDPR: Key Article Overview
Craig Clark ITIL, CIS LI,EU GDPR P
 
Data Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data SubjectData Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data Subject
John Macasio
 
Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...
Vijay Dalmia
 
GDPR Demystified
GDPR DemystifiedGDPR Demystified
GDPR Demystified
SPIN Chennai
 
POPI
POPI POPI
POPI POPI ACT Protection of Personal Info
 
Opportunities and benefits of POPI
Opportunities and benefits of POPIOpportunities and benefits of POPI
Opportunities and benefits of POPIPOPI ACT Protection of Personal Info
 

More Related Content

What's hot

Personal Data Protection in Malaysia
Personal Data Protection in MalaysiaPersonal Data Protection in Malaysia
Personal Data Protection in Malaysia
MSC Malaysia Cybercentre @ Bangsar South City
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_indiaAltacit Global
 
GDPR training
GDPR training GDPR training
GDPR training
ASL
 
An Overview of GDPR
An Overview of GDPR An Overview of GDPR
An Overview of GDPR
The Pathway Group
 
GDPR 2.0 - Data Controllers v Processors
GDPR 2.0 - Data Controllers v ProcessorsGDPR 2.0 - Data Controllers v Processors
GDPR 2.0 - Data Controllers v Processors
Adam Wood
 
GDPR: Training Materials by Qualsys
GDPR: Training Materials by QualsysGDPR: Training Materials by Qualsys
GDPR: Training Materials by Qualsys
Qualsys Ltd
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...
IT Governance Ltd
 
[Presentation] GDPR - How to Ensure Compliance
[Presentation] GDPR - How to Ensure Compliance[Presentation] GDPR - How to Ensure Compliance
[Presentation] GDPR - How to Ensure Compliance
AIIM International
 
GDPR Introduction and overview
GDPR Introduction and overviewGDPR Introduction and overview
GDPR Introduction and overview
Jane Lambert
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
Kimberly Simon MBA
 
California Consumer Privacy Act (CCPA): Countdown to Compliance
California Consumer Privacy Act (CCPA): Countdown to ComplianceCalifornia Consumer Privacy Act (CCPA): Countdown to Compliance
California Consumer Privacy Act (CCPA): Countdown to Compliance
Tinuiti
 
Introduction to GDPR
Introduction to GDPRIntroduction to GDPR
Introduction to GDPR
Priyab Satoshi
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
Priyanka Aash
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection ActSaimaRafiq
 
PDPA Compliance Preparation
PDPA Compliance PreparationPDPA Compliance Preparation
PDPA Compliance Preparation
LawPlus Ltd.
 
GDPR: Key Article Overview
GDPR: Key Article OverviewGDPR: Key Article Overview
GDPR: Key Article Overview
Craig Clark ITIL, CIS LI,EU GDPR P
 
Data Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data SubjectData Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data Subject
John Macasio
 
Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...
Vijay Dalmia
 
GDPR Demystified
GDPR DemystifiedGDPR Demystified
GDPR Demystified
SPIN Chennai
 

What's hot (20)

Personal Data Protection in Malaysia
Personal Data Protection in MalaysiaPersonal Data Protection in Malaysia
Personal Data Protection in Malaysia
 
Data protection in_india
Data protection in_indiaData protection in_india
Data protection in_india
 
GDPR training
GDPR training GDPR training
GDPR training
 
An Overview of GDPR
An Overview of GDPR An Overview of GDPR
An Overview of GDPR
 
Werksmans presentations on popi
Werksmans presentations on popiWerksmans presentations on popi
Werksmans presentations on popi
 
GDPR 2.0 - Data Controllers v Processors
GDPR 2.0 - Data Controllers v ProcessorsGDPR 2.0 - Data Controllers v Processors
GDPR 2.0 - Data Controllers v Processors
 
GDPR: Training Materials by Qualsys
GDPR: Training Materials by QualsysGDPR: Training Materials by Qualsys
GDPR: Training Materials by Qualsys
 
Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...Legal obligations and responsibilities of data processors and controllers und...
Legal obligations and responsibilities of data processors and controllers und...
 
[Presentation] GDPR - How to Ensure Compliance
[Presentation] GDPR - How to Ensure Compliance[Presentation] GDPR - How to Ensure Compliance
[Presentation] GDPR - How to Ensure Compliance
 
GDPR Introduction and overview
GDPR Introduction and overviewGDPR Introduction and overview
GDPR Introduction and overview
 
General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR) General Data Protection Regulation (GDPR)
General Data Protection Regulation (GDPR)
 
California Consumer Privacy Act (CCPA): Countdown to Compliance
California Consumer Privacy Act (CCPA): Countdown to ComplianceCalifornia Consumer Privacy Act (CCPA): Countdown to Compliance
California Consumer Privacy Act (CCPA): Countdown to Compliance
 
Introduction to GDPR
Introduction to GDPRIntroduction to GDPR
Introduction to GDPR
 
DPDP Act 2023.pdf
DPDP Act 2023.pdfDPDP Act 2023.pdf
DPDP Act 2023.pdf
 
The Data Protection Act
The Data Protection ActThe Data Protection Act
The Data Protection Act
 
PDPA Compliance Preparation
PDPA Compliance PreparationPDPA Compliance Preparation
PDPA Compliance Preparation
 
GDPR: Key Article Overview
GDPR: Key Article OverviewGDPR: Key Article Overview
GDPR: Key Article Overview
 
Data Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data SubjectData Privacy Protection Competrency Guide by a Data Subject
Data Privacy Protection Competrency Guide by a Data Subject
 
Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...Reasonable security practices and procedures and sensitive personal data or i...
Reasonable security practices and procedures and sensitive personal data or i...
 
GDPR Demystified
GDPR DemystifiedGDPR Demystified
GDPR Demystified
 

Viewers also liked

Gateway TechnoLabs Corporate Presentation
Gateway TechnoLabs Corporate PresentationGateway TechnoLabs Corporate Presentation
Gateway TechnoLabs Corporate Presentation
sonnysonare
 
UI Design for Sterling Commerce Multi Channel Selling and Fulfillment Suite
UI Design for Sterling Commerce Multi Channel Selling and Fulfillment SuiteUI Design for Sterling Commerce Multi Channel Selling and Fulfillment Suite
UI Design for Sterling Commerce Multi Channel Selling and Fulfillment Suite
Greg Laugero
 
Ricardo Espinosa
Ricardo EspinosaRicardo Espinosa
Ricardo EspinosaRontax666
 
26 Is Not Enough: Obama's SupplierPay & Why It's Just the Beginning
26 Is Not Enough: Obama's SupplierPay & Why It's Just the Beginning 26 Is Not Enough: Obama's SupplierPay & Why It's Just the Beginning
26 Is Not Enough: Obama's SupplierPay & Why It's Just the Beginning
Tradeshift
 
1966 PF ALMUDÉVAR
1966 PF ALMUDÉVAR1966 PF ALMUDÉVAR
1966 PF ALMUDÉVAR
Luis Saputo
 
Himachal pradesh
Himachal pradeshHimachal pradesh
Himachal pradesh
Santhosh Antony
 
Presentación28 febrero
Presentación28 febreroPresentación28 febrero
Presentación28 febrero
jaen61
 
1 c 2 avances video j delgado
1 c 2 avances video j delgado1 c 2 avances video j delgado
1 c 2 avances video j delgado
Mercedes Marrero
 
Anuncios de contactos
Anuncios de contactosAnuncios de contactos
Anuncios de contactosenquica
 
Dimplex Air Curtain, Air Heaters, Radiant Heaters & Fan Heaters - Brochure
Dimplex Air Curtain, Air Heaters, Radiant Heaters & Fan Heaters - BrochureDimplex Air Curtain, Air Heaters, Radiant Heaters & Fan Heaters - Brochure
Dimplex Air Curtain, Air Heaters, Radiant Heaters & Fan Heaters - BrochureThorne & Derrick UK
 
Lindt excellence guia de degustacion
Lindt excellence guia de degustacionLindt excellence guia de degustacion
Lindt excellence guia de degustacion
Ana Ruiz
 
Un Loco Amor
Un Loco AmorUn Loco Amor
Un Loco Amor
Luis Capelli
 
Nuevas opciones de financiación de la I+D, la innovación y la internacionaliz...
Nuevas opciones de financiación de la I+D, la innovación y la internacionaliz...Nuevas opciones de financiación de la I+D, la innovación y la internacionaliz...
Nuevas opciones de financiación de la I+D, la innovación y la internacionaliz...
CTAEX
 
Ausgabe 02/2007 vom 11. Mai 2007
Ausgabe 02/2007 vom 11. Mai 2007 Ausgabe 02/2007 vom 11. Mai 2007
Ausgabe 02/2007 vom 11. Mai 2007
Netzwerk-Verlag
 
El mester de clerecía en su contexto europeo: Claves para el estudio de sus ...
El mester de clerecía en su contexto europeo: Claves para el estudio de sus ...El mester de clerecía en su contexto europeo: Claves para el estudio de sus ...
El mester de clerecía en su contexto europeo: Claves para el estudio de sus ...
Elena Gonzalez-Blanco Garcia
 
PlanificacióN Presupuestaria
PlanificacióN PresupuestariaPlanificacióN Presupuestaria
PlanificacióN Presupuestaria
marcelo
 
Anatomia encefalo
Anatomia encefaloAnatomia encefalo
Anatomia encefalo
fabian monroy saldaña
 

Viewers also liked (20)

POPI
POPI POPI
POPI
 
Opportunities and benefits of POPI
Opportunities and benefits of POPIOpportunities and benefits of POPI
Opportunities and benefits of POPI
 
Gateway TechnoLabs Corporate Presentation
Gateway TechnoLabs Corporate PresentationGateway TechnoLabs Corporate Presentation
Gateway TechnoLabs Corporate Presentation
 
UI Design for Sterling Commerce Multi Channel Selling and Fulfillment Suite
UI Design for Sterling Commerce Multi Channel Selling and Fulfillment SuiteUI Design for Sterling Commerce Multi Channel Selling and Fulfillment Suite
UI Design for Sterling Commerce Multi Channel Selling and Fulfillment Suite
 
Ricardo Espinosa
Ricardo EspinosaRicardo Espinosa
Ricardo Espinosa
 
26 Is Not Enough: Obama's SupplierPay & Why It's Just the Beginning
26 Is Not Enough: Obama's SupplierPay & Why It's Just the Beginning 26 Is Not Enough: Obama's SupplierPay & Why It's Just the Beginning
26 Is Not Enough: Obama's SupplierPay & Why It's Just the Beginning
 
1966 PF ALMUDÉVAR
1966 PF ALMUDÉVAR1966 PF ALMUDÉVAR
1966 PF ALMUDÉVAR
 
Himachal pradesh
Himachal pradeshHimachal pradesh
Himachal pradesh
 
Presentación28 febrero
Presentación28 febreroPresentación28 febrero
Presentación28 febrero
 
1 c 2 avances video j delgado
1 c 2 avances video j delgado1 c 2 avances video j delgado
1 c 2 avances video j delgado
 
Anuncios de contactos
Anuncios de contactosAnuncios de contactos
Anuncios de contactos
 
Dimplex Air Curtain, Air Heaters, Radiant Heaters & Fan Heaters - Brochure
Dimplex Air Curtain, Air Heaters, Radiant Heaters & Fan Heaters - BrochureDimplex Air Curtain, Air Heaters, Radiant Heaters & Fan Heaters - Brochure
Dimplex Air Curtain, Air Heaters, Radiant Heaters & Fan Heaters - Brochure
 
Lindt excellence guia de degustacion
Lindt excellence guia de degustacionLindt excellence guia de degustacion
Lindt excellence guia de degustacion
 
Un Loco Amor
Un Loco AmorUn Loco Amor
Un Loco Amor
 
Nuevas opciones de financiación de la I+D, la innovación y la internacionaliz...
Nuevas opciones de financiación de la I+D, la innovación y la internacionaliz...Nuevas opciones de financiación de la I+D, la innovación y la internacionaliz...
Nuevas opciones de financiación de la I+D, la innovación y la internacionaliz...
 
Ausgabe 02/2007 vom 11. Mai 2007
Ausgabe 02/2007 vom 11. Mai 2007 Ausgabe 02/2007 vom 11. Mai 2007
Ausgabe 02/2007 vom 11. Mai 2007
 
Teatro: Rey de Reyes
Teatro: Rey de ReyesTeatro: Rey de Reyes
Teatro: Rey de Reyes
 
El mester de clerecía en su contexto europeo: Claves para el estudio de sus ...
El mester de clerecía en su contexto europeo: Claves para el estudio de sus ...El mester de clerecía en su contexto europeo: Claves para el estudio de sus ...
El mester de clerecía en su contexto europeo: Claves para el estudio de sus ...
 
PlanificacióN Presupuestaria
PlanificacióN PresupuestariaPlanificacióN Presupuestaria
PlanificacióN Presupuestaria
 
Anatomia encefalo
Anatomia encefaloAnatomia encefalo
Anatomia encefalo
 

Similar to The Popi Act 4 of 2013 - Implications for iSCM

Overview of the Egyptian Personal Data Protection Law
Overview of the Egyptian Personal Data Protection LawOverview of the Egyptian Personal Data Protection Law
Overview of the Egyptian Personal Data Protection Law
FatmaAkram2
 
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
Dr. Oliver Massmann
 
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
Dr. Oliver Massmann
 
Examples of international privacy legislation
Examples of international privacy legislationExamples of international privacy legislation
Examples of international privacy legislation
Ulf Mattsson
 
New Data Privacy Rules By Amit Khandelwal
New Data Privacy Rules By Amit KhandelwalNew Data Privacy Rules By Amit Khandelwal
New Data Privacy Rules By Amit Khandelwal
amitkhand
 
China-PIPL.pdf
China-PIPL.pdfChina-PIPL.pdf
China-PIPL.pdf
DaviesParker
 
Uchi data local presentation 2020
Uchi data local presentation 2020Uchi data local presentation 2020
Uchi data local presentation 2020
Christo W. Meyer
 
CHINA PIP LAW ppt.pptx
CHINA PIP LAW ppt.pptxCHINA PIP LAW ppt.pptx
CHINA PIP LAW ppt.pptx
farewelldump
 
DATA-PRIVACY-ACT OF 2012- draft only ppt.pptx
DATA-PRIVACY-ACT OF 2012- draft only ppt.pptxDATA-PRIVACY-ACT OF 2012- draft only ppt.pptx
DATA-PRIVACY-ACT OF 2012- draft only ppt.pptx
gentlejosh3161
 
Data Privacy Act in the Philippines
Data Privacy Act in the PhilippinesData Privacy Act in the Philippines
Data Privacy Act in the Philippines
Shirley Ingles-Cruz
 
Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Werksmans Attorneys
 
Data Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperativesData Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperatives
jo bitonio
 
Bipartisan_Privacy_Discussion_Draft_Section_by_Section39.pdf
Bipartisan_Privacy_Discussion_Draft_Section_by_Section39.pdfBipartisan_Privacy_Discussion_Draft_Section_by_Section39.pdf
Bipartisan_Privacy_Discussion_Draft_Section_by_Section39.pdf
Internet Law Center
 
Data privacy act
Data privacy actData privacy act
Data privacy act
ansherina erika dejan
 
Regulatory compliance 2018
Regulatory compliance 2018Regulatory compliance 2018
Regulatory compliance 2018
ProColombia
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Werksmans Attorneys
 
Data Privacy Act of 2012.pptx
Data Privacy Act of 2012.pptxData Privacy Act of 2012.pptx
Data Privacy Act of 2012.pptx
CeresMargaretMangibi
 
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxPERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
ssuser36d167
 
Lorson Resources Limited - Records & Information Presentation: Data Protectio...
Lorson Resources Limited - Records & Information Presentation: Data Protectio...Lorson Resources Limited - Records & Information Presentation: Data Protectio...
Lorson Resources Limited - Records & Information Presentation: Data Protectio...
Lorson Resources Limited
 

Similar to The Popi Act 4 of 2013 - Implications for iSCM (20)

Overview of the Egyptian Personal Data Protection Law
Overview of the Egyptian Personal Data Protection LawOverview of the Egyptian Personal Data Protection Law
Overview of the Egyptian Personal Data Protection Law
 
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
LAWYER IN VIETNAM DR OLIVER MASSMANN NEW DRAFT DECREE ON PERSONAL DATA PROTEC...
 
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
NEW DECREE ON PERSONAL DATA PROTECTION AND CROSS-BORDER PROVISION OF DATA THE...
 
Examples of international privacy legislation
Examples of international privacy legislationExamples of international privacy legislation
Examples of international privacy legislation
 
POPI Seminar FINAL
POPI Seminar FINALPOPI Seminar FINAL
POPI Seminar FINAL
 
New Data Privacy Rules By Amit Khandelwal
New Data Privacy Rules By Amit KhandelwalNew Data Privacy Rules By Amit Khandelwal
New Data Privacy Rules By Amit Khandelwal
 
China-PIPL.pdf
China-PIPL.pdfChina-PIPL.pdf
China-PIPL.pdf
 
Uchi data local presentation 2020
Uchi data local presentation 2020Uchi data local presentation 2020
Uchi data local presentation 2020
 
CHINA PIP LAW ppt.pptx
CHINA PIP LAW ppt.pptxCHINA PIP LAW ppt.pptx
CHINA PIP LAW ppt.pptx
 
DATA-PRIVACY-ACT OF 2012- draft only ppt.pptx
DATA-PRIVACY-ACT OF 2012- draft only ppt.pptxDATA-PRIVACY-ACT OF 2012- draft only ppt.pptx
DATA-PRIVACY-ACT OF 2012- draft only ppt.pptx
 
Data Privacy Act in the Philippines
Data Privacy Act in the PhilippinesData Privacy Act in the Philippines
Data Privacy Act in the Philippines
 
Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...Practical steps to take in preparation for the Protection of Personal Informa...
Practical steps to take in preparation for the Protection of Personal Informa...
 
Data Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperativesData Privacy Act of 2012 implication to cooperatives
Data Privacy Act of 2012 implication to cooperatives
 
Bipartisan_Privacy_Discussion_Draft_Section_by_Section39.pdf
Bipartisan_Privacy_Discussion_Draft_Section_by_Section39.pdfBipartisan_Privacy_Discussion_Draft_Section_by_Section39.pdf
Bipartisan_Privacy_Discussion_Draft_Section_by_Section39.pdf
 
Data privacy act
Data privacy actData privacy act
Data privacy act
 
Regulatory compliance 2018
Regulatory compliance 2018Regulatory compliance 2018
Regulatory compliance 2018
 
Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...Saying "I Don't": the requirement of data subject consent for purposes of dat...
Saying "I Don't": the requirement of data subject consent for purposes of dat...
 
Data Privacy Act of 2012.pptx
Data Privacy Act of 2012.pptxData Privacy Act of 2012.pptx
Data Privacy Act of 2012.pptx
 
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptxPERSONAL-DATA-PROTECTION-BILL-2018.pptx
PERSONAL-DATA-PROTECTION-BILL-2018.pptx
 
Lorson Resources Limited - Records & Information Presentation: Data Protectio...
Lorson Resources Limited - Records & Information Presentation: Data Protectio...Lorson Resources Limited - Records & Information Presentation: Data Protectio...
Lorson Resources Limited - Records & Information Presentation: Data Protectio...
 

More from Myron Duncan Burton Betshanger

Leverage Corporate Consultation - 7-01-2018
Leverage Corporate Consultation - 7-01-2018Leverage Corporate Consultation - 7-01-2018
Leverage Corporate Consultation - 7-01-2018
Myron Duncan Burton Betshanger
 
Leverage Corporate Consultation (Pty) Ltd - Corporate Brochure 2018
Leverage Corporate Consultation (Pty) Ltd - Corporate Brochure 2018 Leverage Corporate Consultation (Pty) Ltd - Corporate Brochure 2018
Leverage Corporate Consultation (Pty) Ltd - Corporate Brochure 2018
Myron Duncan Burton Betshanger
 
KING IV Report On Corporate Governance In South Africa Part I
KING IV Report On Corporate Governance In South Africa Part I KING IV Report On Corporate Governance In South Africa Part I
KING IV Report On Corporate Governance In South Africa Part I
Myron Duncan Burton Betshanger
 
Profile myron d. b. betshanger
Profile myron d. b. betshangerProfile myron d. b. betshanger
Profile myron d. b. betshanger
Myron Duncan Burton Betshanger
 
African mining security summit 2015 anti corruption workshop final draft
African mining security summit 2015 anti corruption workshop final draftAfrican mining security summit 2015 anti corruption workshop final draft
African mining security summit 2015 anti corruption workshop final draft
Myron Duncan Burton Betshanger
 
Westenburg secondary page 1
Westenburg secondary page 1Westenburg secondary page 1
Westenburg secondary page 1
Myron Duncan Burton Betshanger
 
Leverage corporate consultancy Pty Ltd
Leverage corporate consultancy Pty LtdLeverage corporate consultancy Pty Ltd
Leverage corporate consultancy Pty Ltd
Myron Duncan Burton Betshanger
 
Corruption & social dogmas in south africa
Corruption & social dogmas in south africaCorruption & social dogmas in south africa
Corruption & social dogmas in south africa
Myron Duncan Burton Betshanger
 
Leverage Corporate Consultancy Pty Ltd
Leverage Corporate Consultancy Pty Ltd Leverage Corporate Consultancy Pty Ltd
Leverage Corporate Consultancy Pty Ltd
Myron Duncan Burton Betshanger
 
Embedding quality assurance within procurement
Embedding quality assurance within procurementEmbedding quality assurance within procurement
Embedding quality assurance within procurement
Myron Duncan Burton Betshanger
 
Myron Betshanger Resume
Myron Betshanger ResumeMyron Betshanger Resume
Myron Betshanger Resume
Myron Duncan Burton Betshanger
 
Combating Fraud & Corruption In The Mining & Metals Industry -Re-engineering ...
Combating Fraud & Corruption In The Mining & Metals Industry -Re-engineering ...Combating Fraud & Corruption In The Mining & Metals Industry -Re-engineering ...
Combating Fraud & Corruption In The Mining & Metals Industry -Re-engineering ...
Myron Duncan Burton Betshanger
 
Audit risk management and governance summit (3)
Audit risk management and governance summit (3)Audit risk management and governance summit (3)
Audit risk management and governance summit (3)
Myron Duncan Burton Betshanger
 
Corporate Governance, Ethics, Corruption and Access to Capital
Corporate Governance, Ethics, Corruption and Access to CapitalCorporate Governance, Ethics, Corruption and Access to Capital
Corporate Governance, Ethics, Corruption and Access to Capital
Myron Duncan Burton Betshanger
 
Global Risks Through Intergrated Reporting
Global Risks Through Intergrated ReportingGlobal Risks Through Intergrated Reporting
Global Risks Through Intergrated Reporting
Myron Duncan Burton Betshanger
 
Doc procurement anti fraud and anti-corruption
Doc procurement anti fraud and anti-corruptionDoc procurement anti fraud and anti-corruption
Doc procurement anti fraud and anti-corruption
Myron Duncan Burton Betshanger
 
Embedding anti corruption due diligence in procurement
Embedding anti corruption due diligence in procurementEmbedding anti corruption due diligence in procurement
Embedding anti corruption due diligence in procurementMyron Duncan Burton Betshanger
 

More from Myron Duncan Burton Betshanger (19)

Leverage Corporate Consultation - 7-01-2018
Leverage Corporate Consultation - 7-01-2018Leverage Corporate Consultation - 7-01-2018
Leverage Corporate Consultation - 7-01-2018
 
Leverage Corporate Consultation (Pty) Ltd - Corporate Brochure 2018
Leverage Corporate Consultation (Pty) Ltd - Corporate Brochure 2018 Leverage Corporate Consultation (Pty) Ltd - Corporate Brochure 2018
Leverage Corporate Consultation (Pty) Ltd - Corporate Brochure 2018
 
KING IV Report On Corporate Governance In South Africa Part I
KING IV Report On Corporate Governance In South Africa Part I KING IV Report On Corporate Governance In South Africa Part I
KING IV Report On Corporate Governance In South Africa Part I
 
Profile myron d. b. betshanger
Profile myron d. b. betshangerProfile myron d. b. betshanger
Profile myron d. b. betshanger
 
African mining security summit 2015 anti corruption workshop final draft
African mining security summit 2015 anti corruption workshop final draftAfrican mining security summit 2015 anti corruption workshop final draft
African mining security summit 2015 anti corruption workshop final draft
 
Westenburg secondary page 1
Westenburg secondary page 1Westenburg secondary page 1
Westenburg secondary page 1
 
Leverage corporate consultancy Pty Ltd
Leverage corporate consultancy Pty LtdLeverage corporate consultancy Pty Ltd
Leverage corporate consultancy Pty Ltd
 
Corruption & social dogmas in south africa
Corruption & social dogmas in south africaCorruption & social dogmas in south africa
Corruption & social dogmas in south africa
 
Leverage Corporate Consultancy Pty Ltd
Leverage Corporate Consultancy Pty Ltd Leverage Corporate Consultancy Pty Ltd
Leverage Corporate Consultancy Pty Ltd
 
Embedding quality assurance within procurement
Embedding quality assurance within procurementEmbedding quality assurance within procurement
Embedding quality assurance within procurement
 
Myron Betshanger Resume
Myron Betshanger ResumeMyron Betshanger Resume
Myron Betshanger Resume
 
Combating Fraud & Corruption In The Mining & Metals Industry -Re-engineering ...
Combating Fraud & Corruption In The Mining & Metals Industry -Re-engineering ...Combating Fraud & Corruption In The Mining & Metals Industry -Re-engineering ...
Combating Fraud & Corruption In The Mining & Metals Industry -Re-engineering ...
 
Audit risk management and governance summit (3)
Audit risk management and governance summit (3)Audit risk management and governance summit (3)
Audit risk management and governance summit (3)
 
Corporate Governance, Ethics, Corruption and Access to Capital
Corporate Governance, Ethics, Corruption and Access to CapitalCorporate Governance, Ethics, Corruption and Access to Capital
Corporate Governance, Ethics, Corruption and Access to Capital
 
Global Risks Through Intergrated Reporting
Global Risks Through Intergrated ReportingGlobal Risks Through Intergrated Reporting
Global Risks Through Intergrated Reporting
 
Doc procurement anti fraud and anti-corruption
Doc procurement anti fraud and anti-corruptionDoc procurement anti fraud and anti-corruption
Doc procurement anti fraud and anti-corruption
 
2013 Procurement Fraud Africa Summit
2013 Procurement Fraud Africa Summit 2013 Procurement Fraud Africa Summit
2013 Procurement Fraud Africa Summit
 
Embedding anti corruption due diligence in procurement
Embedding anti corruption due diligence in procurementEmbedding anti corruption due diligence in procurement
Embedding anti corruption due diligence in procurement
 
Role of internal audit
Role of internal auditRole of internal audit
Role of internal audit
 

Recently uploaded

20240425_ TJ Communications Credentials_compressed.pdf
20240425_ TJ Communications Credentials_compressed.pdf20240425_ TJ Communications Credentials_compressed.pdf
20240425_ TJ Communications Credentials_compressed.pdf
tjcomstrang
 
What is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdfWhat is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdf
seoforlegalpillers
 
What are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdfWhat are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdf
HumanResourceDimensi1
 
Unveiling the Secrets How Does Generative AI Work.pdf
Unveiling the Secrets How Does Generative AI Work.pdfUnveiling the Secrets How Does Generative AI Work.pdf
Unveiling the Secrets How Does Generative AI Work.pdf
Sam H
 
Exploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social DreamingExploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social Dreaming
Nicola Wreford-Howard
 
Brand Analysis for an artist named Struan
Brand Analysis for an artist named StruanBrand Analysis for an artist named Struan
Brand Analysis for an artist named Struan
sarahvanessa51503
 
Improving profitability for small business
Improving profitability for small businessImproving profitability for small business
Improving profitability for small business
Ben Wann
 
PriyoShop Celebration Pohela Falgun Mar 20, 2024
PriyoShop Celebration Pohela Falgun Mar 20, 2024PriyoShop Celebration Pohela Falgun Mar 20, 2024
PriyoShop Celebration Pohela Falgun Mar 20, 2024
PriyoShop.com LTD
 
Cracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptxCracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptx
Workforce Group
 
Filing Your Delaware Franchise Tax A Detailed Guide
Filing Your Delaware Franchise Tax A Detailed GuideFiling Your Delaware Franchise Tax A Detailed Guide
Filing Your Delaware Franchise Tax A Detailed Guide
YourLegal Accounting
 
Sustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & EconomySustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & Economy
Operational Excellence Consulting
 
Affordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n PrintAffordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n Print
Navpack & Print
 
April 2024 Nostalgia Products Newsletter
April 2024 Nostalgia Products NewsletterApril 2024 Nostalgia Products Newsletter
April 2024 Nostalgia Products Newsletter
NathanBaughman3
 
Business Valuation Principles for Entrepreneurs
Business Valuation Principles for EntrepreneursBusiness Valuation Principles for Entrepreneurs
Business Valuation Principles for Entrepreneurs
Ben Wann
 
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Lviv Startup Club
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
creerey
 
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
BBPMedia1
 
Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111
zoyaansari11365
 
The-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic managementThe-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic management
Bojamma2
 
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdfMeas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
dylandmeas
 

Recently uploaded (20)

20240425_ TJ Communications Credentials_compressed.pdf
20240425_ TJ Communications Credentials_compressed.pdf20240425_ TJ Communications Credentials_compressed.pdf
20240425_ TJ Communications Credentials_compressed.pdf
 
What is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdfWhat is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdf
 
What are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdfWhat are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdf
 
Unveiling the Secrets How Does Generative AI Work.pdf
Unveiling the Secrets How Does Generative AI Work.pdfUnveiling the Secrets How Does Generative AI Work.pdf
Unveiling the Secrets How Does Generative AI Work.pdf
 
Exploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social DreamingExploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social Dreaming
 
Brand Analysis for an artist named Struan
Brand Analysis for an artist named StruanBrand Analysis for an artist named Struan
Brand Analysis for an artist named Struan
 
Improving profitability for small business
Improving profitability for small businessImproving profitability for small business
Improving profitability for small business
 
PriyoShop Celebration Pohela Falgun Mar 20, 2024
PriyoShop Celebration Pohela Falgun Mar 20, 2024PriyoShop Celebration Pohela Falgun Mar 20, 2024
PriyoShop Celebration Pohela Falgun Mar 20, 2024
 
Cracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptxCracking the Workplace Discipline Code Main.pptx
Cracking the Workplace Discipline Code Main.pptx
 
Filing Your Delaware Franchise Tax A Detailed Guide
Filing Your Delaware Franchise Tax A Detailed GuideFiling Your Delaware Franchise Tax A Detailed Guide
Filing Your Delaware Franchise Tax A Detailed Guide
 
Sustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & EconomySustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & Economy
 
Affordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n PrintAffordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n Print
 
April 2024 Nostalgia Products Newsletter
April 2024 Nostalgia Products NewsletterApril 2024 Nostalgia Products Newsletter
April 2024 Nostalgia Products Newsletter
 
Business Valuation Principles for Entrepreneurs
Business Valuation Principles for EntrepreneursBusiness Valuation Principles for Entrepreneurs
Business Valuation Principles for Entrepreneurs
 
Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)Maksym Vyshnivetskyi: PMO Quality Management (UA)
Maksym Vyshnivetskyi: PMO Quality Management (UA)
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
 
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
RMD24 | Debunking the non-endemic revenue myth Marvin Vacquier Droop | First ...
 
Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111
 
The-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic managementThe-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic management
 
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdfMeas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
 

The Popi Act 4 of 2013 - Implications for iSCM

  • 1. THE PROTECTION Of PERSONAL INFORMATION (POPI) Act 4 of 2013 The Implications of The Protection of Personal Information Act (POPI) for Integrated Supply Chain Management (iSCM) Presented by: Myron D. B. Betshanger Corporate Governance, Legal & Regulatory Compliance Specialist
  • 2. CONTENT 1.The purpose of the Protection of Personal Information Act (POPI) Act 2.Application of The POPI Act 3. Definitions In The POPI Act 4.Condition For Legal Processing of Personal Information 5.Impact Of The POPI Act on Procurement Process 6.Consequences For Non-Compliance
  • 3. The purpose of the Protection of Personal Information Act (POPI) is to:  give effect to the constitutional right to privacy, by safeguarding personal information when processed by a responsible party, subject to justifiable limitations that are aimed at:  balancing the right to privacy against other rights, particularly the right of access to information; and  protecting important interests, including the free flow of information within the Republic and across international borders.  regulate the manner in which personal information may be processed, by establishing conditions, in harmony with international standards that prescribe the minimum threshold requirements for the lawful processing of personal information;  provide persons with rights and remedies to protect their personal information from processing that is not in accordance with this Act PURPOSE of The POPI Act
  • 4. APPLICATION of The POPI Act  As a result of the POPI Act, any party that collects, holds and uses a person’s personal information will have to do so under certain circumstances.  The requirements will apply to personal information that is held in relation to employees, customers, suppliers as well as prospective customers and prospective suppliers (i.e. bidders) for supply contracts.
  • 5. POPI Act DEFINITIONS WHAT IS PERSONAL INFORMATION FOR PURPOSES OF POPI ?  “ Personal Information” is information relating to an identifiable, living natural person or juristic person as far as applicable.  POPI defines “personal information” very broadly to include, but which is not limited to the following – i. Information relating to the race, gender, sex, pregnancy, marital status, national, ethic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person; ii. Information relating to the education or the medical, financial, criminal or employment history of the person; iii. any identification number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person; iv. the biometric information of the person; v. the personal opinions, views or preferences of the person; vi. correspondence send by that person that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence; vii. the views or opinions of another individual about the person; and viii. the name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.
  • 6.  “ Processing” means any operation or activity or any set of operations whether or not by automatic means, connected to personal information including – (a) the collection, receipt, recording, organization, collation, storage, updating or modification, retrievable, alteration, consultation or use; (b) dissemination by means of transmission, distribution or making available in any other form; or (c ) merging, linking, as well as restricting, degrading, erasure or deconstruction of information. NOTE: POPI only covers the processing of personal information that is entered into a record by or on behalf of a responsible party that is domiciled in South Africa, or, if not domiciled in South Africa, is using automated or non- automated means that is situated in South Africa.  “ Record” means any recorded information – a) Regardless of the form or medium, including any of the following: i. Writing on any material; ii. Information produced, recorded or stored by means of any tape-recorder, computer equipment, whether hardware or software of both, or other device, and any material subsequently derived fom information so produced, recorded or stored; iii. Label, marking or other writing that identifies or describes anything of which it forms part, or to which it is attached by any means iv. Book, map, plan, graph or drawing; v. Photograph, film, negative, tape or other device in which one or more visual images are embodied so as to be capable, with or without the aid of some other equipment, of being reproduced.
  • 7. b) whether or not it was created by a responsible party; and c) regardless of when it came into existence ( NB The retrospective provision in POPI)  “ Electronic Communications” includes any text, voice, sound and imaged messages and includes the message being stored prior to the recipient retrieving it. This would include social medium platforms such as Facebook, LinkedIn, Twitter, etc in addition to e-mails, the Internet and the Intranet.  “ Consent” for purposes of POPI means any voluntary, specific and informed expression of will in terms of which permission is given for the processing of personal information. NB  It is important to note that “Consent” means specific consent . General consent will therefore not be sufficient and a specific consent for each instance in which the personal information will be dealt with, must be obtained.  The consent must have provided for exactly what personal information is required, why it is required, how it will be dealt with, and where it will be stored.  The consent must also provide for whether the personal information will be shared
  • 8.  “ Data Subject” means the owner of the personal information (natural persons and/or juristic persons). In the procurement context this will mean the bidding or contracting company or services provider, its owners, managers, directors and employees.  “ Information Officer” means the person appointed by the responsible party to manage the application of POPI.  “Operator” means any person acting under a mandate or under contract of a responsible party who has a duty not to disclose personal information. In the context of procurement this means any third party to whom procurement services has been outsourced either in whole or in part. The operator must maintain the integrity and confidentiality of personal information collected.  “ Responsible Party” A private or public entity or any other person who determines the purpose of and the means for processing personal information. In the procurement context, this would be the procuring entity often referred to as “The Employer / The Purchaser” in procurement contracts.  “Regulator” means the person to be appointed to implement and enforce the provisions of the POPI Act.
  • 9. Conditions For Legal Processing of Personal Information POPI sets out EIGHT (8) Conditions that must be complied with, namely – 1. Accountability (Section 8 of POPI) 2. Processing Limitation (Sections 9 - 12 of POPI) 3. Purpose Specification (Sections 13 – 14 of POPI) 4. Further Processing Limitation (Section 15 of POPI) 5. Information Quality (Section 16 of POPI) 6. Openness (Sections 17 – 18 of POPI) 7. Security Safeguards (Sections 19 – 22 of POPI) 8. Data Subject Participation (Sections 23 – 25 of POPI)
  • 10. Impact of The POPI Act on the Procurement Process • Minimally: RFX /vendor registration form must only request relevant personal information from bidder/supplier, Personal information which is not relevant for bid evaluation or conclusion of a contract with a supplier must not be collected. • Consent, justification and objection: Record of consent and objections from bidder/supplier to processing of personal information throughout the tendering process. • Sources other than the data subject: Personal information (e.g. reference letter verification) that The Employer / The Purchaser needs to obtain from a third party must be collected with prior consent from the bidder/supplier. Bid preparation • Notification to data subject: The Employer / The Purchase must ensure that a bidder/supplier is aware of the purpose the information is collected, as well as the consequences of failing to provide the information. • Bid documents submitted late must not be retained longer than necessary for the purpose collected for. • Integrity and confidentiality of personal information of late submitted bids must be maintained. • Notification of security compromise to the Regulator and bidders in writing. Issue, receipt & opening of bids
  • 11. • Consent, justification and objection: Record of consent and objections from bidder/supplier to processing of personal information. • Sources other than the data subject: Verification or receiving of personal information of supplier/bidder from third party must be done with prior consent from bidder/supplier. • Bid documents of unsuccessful bidders must not be retained longer than necessary for the purpose collected for. • Integrity and confidentiality of personal information of unsuccessful bidders. • Notification of security compromise to the Regulator and bidders in writing. Bid evaluation, Shortlisting & Adjudication
  • 12. • Minimally: Personal information which is not relevant for conclusion of a contract with a supplier must not be collected. • The Employer / The Purchaser must put measures in place to prevent loss, damage, unauthorised destruction and unauthorised access to personal information of supplier/contractor. • The Employer / The Purchaser must notify the Regulator and supplier/contractor of the security compromise in writing. Contract award & management (general obligations)
  • 13. • Contract between The Employer / The Purchaser and the operator must ensure that the operator establishes and maintains security measures to safeguard personal information being processed on behalf of The Employer / The Purchaser. • The operator must notify The Employer / The Purchaser immediately in an event where there are reasonable grounds to believe personal information has been accessed by an unauthorised person. • The contract with an operator must ensure confidentiality of personal information processed on behalf of The Employer / The Purchaser. • A supply contract with an operator must include standard clauses outlining joint responsibility in terms of the protection of personal information. • The Employer / The Purchaser must have audit rights to conduct regular audits on the operator’s security and confidentiality measures. Contract award & management (Supply Contract with an Operator)
  • 14. Consequences Of Non-Compliance With The POPI Act  FINE and/or IMPRISONMENT (not exceeding 10 Years)  Any person who hinders, obstructs, or unlawfully influences the Regulator or any person acting at the direction of the regulator;  An employer who fails to comply with an enforcement notice;  An employer who violates any conditions of processing of an account number.  FINES  Administrative Fines : o The Regulator may issue an infringement notice in the event of an alleged contravention of the provisions of POPI. o The Regulator must specify the amount of the administrative fine which may not exceed ZAR 10 million. o The Transgressor may within 30 days of receipt of the infringement notices a) elect to pay the fine so determined by the Regulator, or b) make instalment arrangements with the regulator to pay such fine as imposed, or c) take the Regulator’s determination on review to the High Court.
  • 15. Consequences Of Non-Compliance With The POPI Act  Civil Damages  The Data Subject may sue the Transgressor for damages or may request the Regulator to sue for damages.  The principle of strict liability applies, meaning its not necessary for the Data Subject or the Regulator on behalf of the Data Subject to prove intent or negligence.  The amount of damages that may be awarded is punitive and far in excess of what can presently be awarded under South African law. i. The damages could include monetary and non-monetary loss; ii. Aggravated damages, iii. Interest and costs  Fact that court order must be published in the Government Gazette and requirement that appropriate be made can inflict great reputational damage on organizations.
  • 16. THANK YOU MYRON D. B. BETSHANGER Corporate Governance, Legal & Regulatory Compliance Specialist 16 Verveen Street Westenburg Polokwane, South Africa Mobile: +27 74 780 3862 e-mail: betshangermyron2@gmail.com LinkedIn: https://za.linkedin.com/pub/myron-duncan-burton-betshanger/37/219/1b8 Twitter: @betshangermyron