On Thursday, the highly anticipated Protection of Personal Information Act comes into full effect, albeit with a few exceptions owing to technical difficulties.
Those technical issues aside, non-compliance with POPIA regulations may draw the ire of the Information Regulator and with fines of up to R12 million on the line, compliance is a good idea.
However, keeping your business in the good graces of the Regulator is just one side of complying with POPIA and according to Andrew Bourne – regional manager of Zoho in Africa – it has some unseen benefits.
A recent survey conducted by World Wide Worx, that was commissioned by Zoho, found that business owners benefit from complying with personal data protections.
As many as 40 percent of local business owners who were surveyed said that compliance with regional data privacy protection laws had a positive effect on their business with only 19 percent saying it had a negative effect. The remaining 41 percent of those surveyed said that compliance had no effect on their business.
Why is this? Well as Bourne puts it, folks are a lot more savvy when it comes to protecting their information. Being a brand that protects its customers can likely improve your reputation.
“Awareness about aggressive data harvesting and reselling is increasing, and end users are today privy to the nefarious ways in which data-dependent companies monetise and use their information. Privacy-conscious consumers – a rapidly growing demographic – want an explicit assurance that the companies they trust their data with will protect them against misuse and breaches. We even saw privacy taking centre stage during the recent Apple WWDC 2021, which further shows that data confidentiality practices are becoming integral to business longevity and trustworthiness,” explains Bourne.
This means a customer is more likely to share information with you. In a time where ecommerce is growing and consumers are relying heavily on deliveries where they must divulge a lot of private information, being a trusted brand is more vital than ever before.
The bad news
Unfortunately, compliance with POPIA doesn’t come cheap nor is it simple.
“Complexities are inevitable. Our survey, for instance, reveals that 34 percent of SA businesses report an increased cost of governance due to privacy laws while 30 percent are concerned that the legal mandates will directly affect their marketing programs. A lesser but still significant 28 percent state a general difficulty in navigating the intricacies of the overall compliance process,” explains Bourne.
SMEs are likely to be hit the hardest when it comes to the cost of compliance especially if they must appoint an Information Officer where before they didn’t need nor have one.
Another aspect Bourne mentions is the cost of receiving legal counsel as regards understanding the intricacies of POPIA. The Act itself is infamously vague and we the interpretation of an attorney knowledgeable of the intricacies within the act. Of course this will incur a cost.
One way to digest these costs says Bourne, is to view POPIA compliance as part of your digital transformation.
“Today, most businesses already spend hundreds of thousands implementing digital systems to improve business efficiency. It is similarly crucial for organisations to make room in their IT budgets for steps such as appointing an in-house privacy officer or getting external consultation. These measures will help to have a clear understanding of privacy and security laws like the POPIA and build a robust digital framework that’s flexible enough to accommodate newer processes when fresh laws crop up across regions,” says the regional manager.
POPIA comes into full effect on 1st July.