The much anticipated SA Protection of Personal Information Act (PoPIA) came into effect on the 1st July giving businesses one year’s grace to get their compliance ducks in a row and align their controls and protection of customer sensitive personal information with the conditions of lawful processing of personal information. After the 30 June 2021 businesses will face severe penalties for non-compliance.
Whilst most of us have been aware of the looming PoPIA and have started to take the steps required to ensure alignment we can no longer hide behind the lack of finalised dates to formalise the internal actions required.
At ATG, the gap analysis and POPIA risk mitigation reviews have raised various streams for action, one of which is protecting the rights of internal data subjects, another is ensuring we comply on behalf of our customers and lastly looking at how we can assist our customers with their compliance needs.
A stark reality is that paper based customer credit applications, credit agreements, supplier take on documents and other contracts are still active in the South African business space. Many organisations are lagging in terms of secure digitisation of these artefacts.
The below documentation storage limitations come to mind:
- Lost or misfiled documents
- Compromised information security and access control
- Inefficiency in searching for documents
- Labour intensive manual filing and administrative health checks
- Manual document management restricted to one user working on a customer file at a time
- Poor auditability of user activity related to sensitive information
- Cost of physical storage space for manual storage.
These weaknesses and imminent implementation of PoPIA are a compelling reason for the secure digitisation of sensitive paper documents.
Digitisation of the documents alone is unfortunately not enough and should be augmented by a control system that complies with digital asset management/PoPIA standards.
The implementation of paperless processes is contributing to additional volumes of what needs to be stored in digital format. Digital assets are set to grow in sheer volume due to increased digitisation and the need for getting the balance right between security and cost savings requirements.
Argility’s DAMSense Digital Asset Management System is a trusted and optimised solution for the secure storage, search, and controlled access, to sensitive digitised assets. By utilising DAMSense on the Google Cloud Platform many boxes are ticked; from General Data Protection Regulations (GDPR) compliance, from which POPIA has evolved; through to the flexible and cost-effective digital asset storage options.
*** Source: IT Web