Navigate Data Protection and Data Privacy

Data protection and data privacy issues impact all business and industry sectors, not only ‬in South Africa but across the globe. Compliance with the laws and protecting ‬individuals’ privacy is not just a legal issue. Failure to respect people’s privacy or ensure ‬the security of their data can severely damage a company’s brand and influence consumer ‬buying decisions.‬‬‬‬‬‬‬‬

Navigating the myriad complexities around data protection and data privacy is best done by experts properly equipped to give legal advice that is clear, accurate, and future-focused. The Protection of Personal Information Act (the POPI Act or POPIA which people also refer to as POPIA Act) is finally here and expert guidance will be needed by small and big entities alike, in properly assimilating the details of the Act and all the implications contained therein.

How POPIA could cause uncertainty:

  • Why do you need to be concerned with POPIA and data protection?
  • What is important and requires immediate attention?
  • Where to start and where does POPIA apply in the world?
  • Who should assist with what, and to what extent?
  • When should you be attending to what?

Keeping with our ethos of excellence, Werksmans recognises business needs to provide the best possible service to its clients and to the market, while navigating through the regulatory minefield. We recognise that the personal information of suppliers, customers, and employees are valuable assets. We have recently developed the Werksmans.Gettoknowit POPIA e-learning course which provides a consistent, accurate, in-depth, and dependable means of training staff, in order to protect both the business and employees from possible penalties, damages, and sanctions arising from non-compliance.

POPIA Framework

Essentially, POPIA:

  • sets out the rules and practices which must be followed when processing information about individuals and juristic persons;
  • grants rights to individuals in respect of their information;
  • and creates an independent regulator to enforce these rules, rights and practices.

It should be noted that POPIA applies to:

  • information that is processed automatically;
  • information recorded on paper;
  • and health records and certain public authority records.

Read more about POPIA: A Guide to the Protection of Personal Information Act of South Africa.

POPIA Landscape

Compliance with POPIA should never anchor your business down. Business must protect the data of all South Africans.

Prioritising data privacy and ensuring optimal processing of Personal Information has the potential to unlock instrumental value and benefit for your business, while not risking non-compliance with legislation.

7 fundamental ports of reference on the road to POPI compliance

Data breach

A data breach can have a range of devastating consequences for any business. Establishing data protection and data privacy is vital in maintaining a company’s reputation. A data breach may cause a loss of customer and partner trust. The loss of critical data, such as source files or intellectual property, can cost a company its competitive advantage.

Going further, a data breach can impact corporate revenues due to non-compliance with data protection regulations. With high-profile data breaches making media headlines, it’s essential that companies adopt and implement a strong cybersecurity approach. A data breach plan and process cannot be neglected.

Read more about: Data breaches in South Africa post POPI…Any lessons to be learned?


We cannot ignore cybersecurity when talking about POPIA. Part of information security is cybersecurity, which refers to the practice of ensuring the integrity, confidentiality, and availability of information.

Why is cybersecurity important?

The world relies on technology more than ever before. As a result, digital data is created at a pace never thought possible. Today, businesses and governments store a great deal of that data on computers and transmit it across networks to other computers and countries. The major cybersecurity risks to your business.

Common types of cybersecurity

Cybersecurity is constantly evolving

Traditional cybersecurity is centered on the implementation of defensive measures around a defined perimeter. Recent enablement initiatives like remote workers and Bring Your Own Device policies have dissolved the perimeter, reduced visibility into cyber activity, and expanded the attack surface. Ultimately, your company must be empowered to prioritise the most serious threats to data privacy by reducing investigation, and threat detection times. At Werksmans we need our clients to ask the right questions in order for us to be prepared and assist them in navigating the rough seas.

Werksmans help clients to leverage excellence going forward.

Let us help you navigate these uncertain seas. 


Podcasts, Videos and Webinars