About this product
The POPI Act requires the appointment of a responsible party, who must ensure compliance with the eight conditions of POPIA. This includes the duties as set out in regulation 4(1) to develop a Personal Information Impact Assessment (PIIA) and a compliance framework to ensure adequate measures and standards exist to comply with the conditions for lawful compliance and implementation. This product assists responsible parties on its road to compliance.
Why you should buy this product.
The success of any PIIA, compliance framework and implementation program starts off with an investigation into the way the organisation operates when it comes to processing and documenting personal information. This Toolkit will assist the Information Officer and the compliance team to plan and execute the PIIA and to implement the compliance framework.
This product is template based and should be customised for your particular business.
This module comprises legislation, regulations, guidelines and documents published by the Information Regulator on POPIA and PAIA to assist with the implementation of POPIA.
Personal Information Impact Assessment – PIIA
In terms of regulation 4(1), the responsible party must conduct a Personal Information Impact Assessment or PIIA, also commonly known as the gap analysis. Our uniquely designed documents assist the privacy practitioner with guidance and spreadsheets to perform the PIIA and to report internally on the Gaps identified on a risk and compliance basis.
Our compliance frameworks flows from the PIIA and assist the privacy practitioner on the roadmap of compliance to plan and implement the remedial actions to compliance with the 8 conditions of POPIA.
Implementation framework and templates
This module consist of templates, policies and procedures to assist the Responsible party to implement its compliance framework and drive its compliance process to completion.
This product does not replace proper assessment procedures, but rather assist the business on its PIIA and compliance process. Our team of experts can assist you with the PIIA, compliance framework and implementation. For assistance contact us on email@example.com or firstname.lastname@example.org.
The following form part of the Toolkit:
- Publication - The POPI Act explained
- Simple time management planner template
- List of relevant legislation to consider legal compliance
- List of policies (not actual policies) and procedures for implementation
- Template = PIIA Report template
POPIA toolkit - Addendum to employment contract
POPIA Toolkit - Annexure to employment contract
POPIA Toolkit - Confidentiality & NDA for Employees
POPIA Toolkit - Consent as a requirement of POPIA
POPIA Toolkit - Consent form - Annexure to employment contract
POPIA toolkit - Consent form employees others
POPIA Toolkit - Flow diagram for data retention Information
POPIA toolkit - General notice to third parties
POPIA Toolkit - Incident management process
POPIA Toolkit - Incident response plan
POPIA toolkit - Internal appointment of IO
POPIA toolkit - NDA for employees and directors
POPIA Toolkit - Operator clause for service level agreements
POPIA Toolkit - PAIA & POPI Manual
POPIA Toolkit - PIIA Report
POPIA toolkit - Policy control sheet
POPIA toolkit - Policy toolkit
POPIA Toolkit - Privacy & Data Protection Policy
POPIA toolkit - Privacy notice re processing
POPIA toolkit - Progress report and tracker
POPIA Toolkit - Request For Access - Forms
POPIA toolkit - Simple time management plannerPOPIA toolkit - Teleworking policy template
General Personal Information Protection policy (inclusive of)
- Office related procedures – clean desk and shredding, paper records and filing systems, archiving and storing of records
- IT and IT Security/Cybersecurity, Internet and remote access, e-mails
- Social media and personal matters
- Information quality and management
- Special personal information and children/Medical
- Work from home and telecommute on privacy
- POPIA training and induction training
- Policy maturity and implementation
- Clean screen, password protection and desktop
- De-identification, deletion, and restriction of PI
- Media statements
- Access control and access levels
- Template - POPIA / PAIA manual
- Template - Operator agreement/clauses
- Template - Incident response plan/policy
- Templates for learners and apprenticeships
- Template - 10 check lists/Infographics for compliance
- Template - Company assets, laptops, phones (other devices) and bring your own device policy