Abstract
In today's knowledge-centric society, personal information is one of the key resources of most businesses. Because of this, maintaining the privacy of personal information has become an important topic. Many countries have enacted, or are in the process of enacting, legislation to govern this. South Africa is addressing privacy concerns through the Protection of Personal Information (PoPI) Act, which imposes heavy penalties for non-compliance. This paper examines current organizational information privacy strategies and what impact the PoPI Act is making. Using a case study approach, data was collected from five organizations in the South African financial services industry. The findings offer insight into the complexities of forming and executing a privacy strategy, as well as the difficulties around complying with legislation. The PoPI Act has influenced the organizations to varying degrees, with some simply assessing its impacts and preparing to implement changes at a later point, while others have been making changes for many years. One of the key challenges that was highlighted is that it is based on principles and therefore open to interpretation. However, for most of the organizations it appears to offer benefits, such as the opportunity to bring more international business to South Africa.
Original language | English |
---|---|
Title of host publication | 2017 Information Security for South Africa |
Subtitle of host publication | proceedings of the 2017 ISSA conference |
Editors | Hein S. Venter, Marianne Loock, Marijke Coetzee, Mariki M. Eloff, Jan H.P. Eloff |
Publisher | IEEE |
Pages | 56-65 |
Number of pages | 10 |
ISBN (Electronic) | 9781538605455, 9781538605448 |
ISBN (Print) | 9781538605462 |
DOIs | |
Publication status | Published - 1 Aug 2017 |
Externally published | Yes |
Event | 2017 Information Security for South Africa Conference - Johannesburg, South Africa Duration: 16 Aug 2017 → 17 Aug 2017 |
Conference
Conference | 2017 Information Security for South Africa Conference |
---|---|
Abbreviated title | ISSA 2017 |
Country/Territory | South Africa |
City | Johannesburg |
Period | 16/08/17 → 17/08/17 |
Keywords
- Privacy
- Information privacy strategy
- Protection of Personal Information (PoPI)