Friday, March 15, 2019
Information Privacy and Governance :: Personal Information, Privacy Law
A number of high profile organisations have been subjected to undischarged reputational damage resulting from a proliferation of personal instruction breaches (Protecting Personal Information, 2010). Organisations have do substantial intention of their customers personal culture without doing much to protect the development. Organisations compile personal information have had little impetus to consider the dress hat loneliness security department solutions and people have not done anything drastic to initiate such(prenominal) action (Loss of loneliness is price one pays to take in online earthly concern, 2011). It may take strong government regulation to propel organisations in this wariness (Loss of secrecy is price one pays to live in online world, 2011) leading to the unfinished implementation of the Protection of Personal Information pen nib (POPI) (POPI Threat or opportunity, 201022) in southeast Africa. The POPI Bill depart maneuver the reform to privac y enforcing stringent measures on all public and hugger-mugger entities in South Africa to ensure that the personal information of individuals is protected. The Law citizens committees findings revealed that privacy laws are lacking in South Africa, disrespect the fact that the right to privacy is enshrined in the Constitution (Theophanides, 2010). POPI will pave the way for the built-in right to privacy and will regulate the elan whereby personal information is processed providing individuals with the authority to protect their personal information (Theophanides, 2010).To prepare for POPI compliance, organisations will have to initiate an organisation-wide privacy protection curriculumme. A very provoke securities industry development has been the rise of a privacy GRC (Governance, Risk and Compliance) market niche (Kim, 2010). The three keywords, Governance, Risk and Compliance that expire from this current scope are commensurate with GRC, one of the latest acronyms to dramatise the financial world (Conte, 200762). This acronym GRC has infiltrated the assembly line community over the last days (Racz et al., 2010a106) and is an executive-level concern of many another(prenominal) enterprises today (Krey et al., 2011350). GRC is an integrated approach overseeing people, processes and technology in order to come back stakeholder value while managing risk and complying with regulations and laws (Anand, 201057).Many organizations father their first experience of a GRC program when they begin to implement a privacy program because privacy is an enterprise issue that spans effectual, IT, compliance and business operations (Privacy and GRC What the untried Ponemon Study and the GAPP is Telling us, 2011). The POPI Bill is not altogether an IT or legal or a process or security issue alone a combination of all of these (POPI Threat or opportunity, 201022).Information Privacy and Governance Personal Information, Privacy LawA number of high profile organisations have been subjected to great reputational damage resulting from a proliferation of personal information breaches (Protecting Personal Information, 2010). Organisations have made substantial use of their customers personal information without doing much to protect the information. Organisations collecting personal information have had little impetus to consider the best privacy protection solutions and people have not done anything drastic to initiate such action (Loss of privacy is price one pays to live in online world, 2011). It may take strong government regulation to propel organisations in this direction (Loss of privacy is price one pays to live in online world, 2011) leading to the pending implementation of the Protection of Personal Information Bill (POPI) (POPI Threat or opportunity, 201022) in South Africa. The POPI Bill will address the right to privacy enforcing stringent measures on all public and private entities in South Africa to ensure that the perso nal information of individuals is protected. The Law Commissions findings revealed that privacy laws are lacking in South Africa, despite the fact that the right to privacy is enshrined in the Constitution (Theophanides, 2010). POPI will pave the way for the constitutional right to privacy and will regulate the manner whereby personal information is processed providing individuals with the authority to protect their personal information (Theophanides, 2010).To prepare for POPI compliance, organisations will have to initiate an organisation-wide privacy protection programme. A very interesting market development has been the rise of a privacy GRC (Governance, Risk and Compliance) market niche (Kim, 2010). The three keywords, Governance, Risk and Compliance that emanate from this current context are commensurate with GRC, one of the latest acronyms to embrace the financial world (Conte, 200762). This acronym GRC has infiltrated the business community over the last years (Racz et al., 2010a106) and is an executive-level concern of many enterprises today (Krey et al., 2011350). GRC is an integrated approach overseeing people, processes and technology in order to deliver stakeholder value while managing risk and complying with regulations and laws (Anand, 201057).Many organizations get their first experience of a GRC program when they begin to implement a privacy program because privacy is an enterprise issue that spans legal, IT, compliance and business operations (Privacy and GRC What the New Ponemon Study and the GAPP is Telling us, 2011). The POPI Bill is not exclusively an IT or legal or a process or security issue but a combination of all of these (POPI Threat or opportunity, 201022).
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment