The Protection of Personal Information Act, commonly referred to as POPI, is South Africa's data protection law. The POPI Act regulates how personal information of individuals in South Africa is collected, stored, processed, and shared.
Non-compliance with POPIcan lead to fines of up to R10 million and imprisonment for 1-10 years, in addition to the loss to reputation and potential income.
A recent report revealed that the personal information of over 30 million residents in South Africa has been leaked online. Intended to ensure to the constitutional right to privacy, POPI regulates how personal information is processed and aims to strike a balance between the right to privacy of individuals and the availability and access to this information by the public and private bodies.
“Enterprise database security the answer to complying with the POPI Act”: DataCentreNews, Nov 19, 2017