information officerOur events address the Protection of Personal Information Act (POPIA) and Promotion of Access to Information Act (PAIA). The training courses are developed from over twenty years of practical experience with the protection of personal information and our involvement in the Parliamentary process that developed the Protection of Personal Information Act during which we engaged with the technical committee and made a number of submissions. 

 

1 day Introduction to the POPI Act

The Protection of Personal Information Act (POPIA) applies to all public and private bodies that process personal information. This course is aimed at helping executives, management and staff understand why the Protection of Personal Information Act is important to their organisation and providing a brief overview of what is covered.

Attendees will obtain an understanding of the Act and what is required to respect the rights of individuals when processing their personal information, what are the risks that they need to guard against and the nature of safeguards they need to implement.

Read more about the POPIA Introduction course

2 day POPIA: Complying with the Act

The Protection of Personal Information Act requires all public and private bodies to process personal information in accordance with the conditions for the lawful processing of personal information. In most organisations personal information is ubiquitous and the risk of not processing personal information lawfully is high.

This course provides the attendee with an understanding of the Act, the key compliance requirements and a road map to address the Act’s requirements and to manage the risk.

Read more about complying with the POPI Act

2 day Safeguards for Protecting Personal Data

The Protection of Personal Information Act requires all public and private organisations to implement all the safeguards necessary for the protection of personal information.

This course provides attendees with an understanding of the conditions for the lawful processing of personal information that require the implementation of safeguards and with guidance on the implementation of suitable safeguards to address these requirements and protect personal information whenever it is being processed.

Read more about Safeguards for personal data

2 day POPIA: Impact on the HR function

The processing of personal information within the human resources function presents many challenges for those responsible. Currently the misuse of personal information within HR is widespread making many organisations vulnerable to complaints from unsuccessful job applicants and disgruntled employees.

This course includes topics about processing personal information within the human resources function. Practical examples will be used to illustrate what is acceptable and what is unlawful when processing personal information.

Read more about the impact of POPIA on HR functions

1 day POPIA: Managing Operators

The POPI Act requires responsible parties to have in place a written contract between the responsible party and the operator to ensure that the operator who processes personal information for the responsible party, processes personal information only with the knowledge and authorisation of the responsible party and that the operator establishes and maintains the necessary measures.

Attendees on this course will learn about the specific POPI requirements for responsible parties to effectively manage operators.

Read more about the impact of POPIA on Operators

2 day POPIA: Requirements for ERP Systems

Enterprise Resource Planning (ERP) systems process a wide variety of business information, including many types of personal information. ERP systems have many features that can assist responsible parties protect personal information. Omitting to use the available features could be a problem when non-compliance is reported to the Information Regulator.

This course provides attendees with an understanding of the privacy-related issues that will need attention in ERP systems.

Read more about POPIA and ERP systems

2 day POPIA: Role of the Information Officer

Information officers have a significant role in overseeing the protection of personal information and can be personally liable in some instances where they do not fulfil their responsibilities.

This course will assist attendees understand the role and responsibilities of the information officer in encouraging a public or private body complying with the requirements for the lawful processing of personal information, handle personal information requests and respond to interference.

Read more about the role of Information Officers

1 day POPIA: Role of Responsible Parties

It is the responsibility of the “Responsible Parties” identified by the CEO and listed in the PAIA manual to ensure that personal information is processed lawfully and in a reasonable manner that does not infringe the constitutional rights of individuals to privacy.

This seminar informs heads of public bodies, CEO’s of private bodies and the business leaders identified as “responsible parties” about their role and responsibilities for processing personal information lawfully.

Read about the role of Responsible Parties 

2 day POPIA: Lead Auditor

The Protection of Personal Information Act is technical and complex. It has numerous requirements that impact just about everyone within an organisation, it’s customers, suppliers and service providers.

This seminar includes topics about:

  • Which aspects of POPIA are important to auditors
  • How auditors should plan their approach
  • Conducting an audit of the organisation’s POPIA programme.

Read more about the POPIA Lead Auditor

2 day POPIA: Information Security using ISO 27001

The Protection of Personal Information Act requires all organisations have due regard to the generally accepted information security practices and procedures which may apply to it generally or be required in terms of specific industry or professional rules and regulations.

This course provides attendees with an understanding of the generally accepted information security practices and the approach required to identify and implement the necessary measures to protect the processing of personal information.

Read more about POPIA and ISO 27001 

1 day POPIA: Awareness for the Organisation’s Staff

The Protection of Personal Information Act requires everyone to respect the rights of individuals regarding the processing of their personal information. It contains many new obligations on how personal information is processed so that the rights of human rights of affected individuals are respected.

This course provides attendees with an understanding of the impact POPIA has on an organisation and what is required to respect the rights of individuals when processing their personal information and the risks they need to guard against.

Read more about POPIA Awareness for Staff

1 day Updating the PAIA Manual

Condition 6 of POPIA requires that “responsible parties must maintain the documentation of all processing operations under their responsibility as referred to in section 14 or 51 of the Promotion of Access to Information Act (PAIA)”.

Course participants will gain an understanding of how to update their PAIA manuals in accordance with the new legislative requirements of the Protection of Personal Information and Promotion of Access to Information Acts.

Read more about updating the PAIA Manual