The 1 July deadline for PoPI compliance is fast approaching. Sign up for our PoPIA Readiness Challenge and in just 10 days we’ll get you in good shape to beat the deadline!
Each day you will join an hour-long session where an expert will take you through the day’s content. When the video sessions end, you will receive a document with a breakdown of the steps you need to take to complete your mission. There will be some prep work involved. There will be some homework. However, every day you will be one step closer to becoming POPIA-compliant.
It will be like having your own dedicated support team for two weeks, at a fraction of the cost!
Introduction to the 10-Day Challenge
Introduction to POPIA Awareness Training
Appointment of the Information Officer / Data Protection Officer
We will discuss the role of the Information Officer, including their duties and the risks they face.
The Readiness Challenge Roadmap
We will work through the steps required to complete the PoPIA Readiness Challenge.
Staff Knowledge Transfer
What do your employees need to know? How do you educate them on POPIA? We will guide you through this process.
We will take you through the process of completing a self-assessment; the approach for defining the areas of focus; which questions to ask and how to map these back to the articles covered in the Act, such as Data Minimisation; Lawful Processing; Consent and Right of Access.
Suppliers and third parties
Understand the roles, responsibilities and accountabilities between you, your customer and your supplier. We provide information on the implications of your outsourced vendor experiencing a breach that may affect your data.
Portfolio of Evidence
We uncover the content that should be included in your Portfolio of Evidence; why a Portfolio of Evidence is important; and how to show you have taken all the necessary steps to align with the POPI Act.
A list of potential personal information that the business area/system could access, and whether the business area collects, edits, processes, stores, shares or destroys this data, will be discussed.
PoPIA requires that organisations document all the data flows within a department/system where personal information is concerned. We will discuss the implications of this requirement for your organisation.
With whom do you share personal information? From whom do you receive personal information? Do you have the necessary agreements in place with all your third parties? You will be given insight into the implications of sharing information with parties outside your organisation.
We will work through the questions to ask in order to define your Data Discovery setup and to understand the lay of the land.
Privacy by Design
How to ensure that your new systems and processes adhere to the Act from day 1.
We will discuss which policies are uniquely required by POPIA, which other policies need to be adapted, and how to assess your policies. In addition, we will help you understand the PAIA manual and the Privacy Framework.
The Data Breach Playbook
You have had a breach! What do you need to put into place if this event occurs?
- Remediate the source of the breach as timeously as possible to avoid a re-occurrence.
- Mitigate the resulting risks to the business as speedily and as efficiently as possible.
- Fulfil your regulatory responsibilities.
We will take you through the contracts that need to be reviewed for POPIA; other contracts that need to be adapted in line with PoPIA; how to assess your contracts, discuss standard clauses that can be utilised within them and discuss the importance of a data-sharing/processing agreement.
Websites and Email Content
Disclaimers you need to have on your website as well as opt-in and opt-out requirements.
We will describe the cyber security framework, talk through the 10 cyber security domains and touch on the 70 cyber security control areas you need to consider.
Question and Answer Session
Bring your questions regarding the law and contracts and the panel will respond.
We will work through the action plan you will need to implement in order to be compliant after the 10-day challenge. You will draw up your own company's plan.