Information Privacy and Governance :: Personal Information, Privacy Law

A number of high profile organisations brace been subjected to broad reputational damage resulting from a proliferation of individualized learning breaches (Protecting Personal Information, 2010). Organisations have made substantial use of their customers personal data without doing much to protect the information. Organisations collecting personal information have had little impetus to consider the trump cover trade protection solutions and people have not done anything drastic to initiate such(prenominal) action (Loss of privacy is price one pays to live in online universe, 2011). It may take strong government regulation to propel organisations in this direction (Loss of privacy is price one pays to live in online world, 2011) leading to the pending implementation of the Protection of Personal Information Bill (POPI) (POPI Threat or opportunity, 201022) in southeasterly Africa. The POPI Bill go out address the right to privacy enforcing demanding measures on all public and private entities in South Africa to ensure that the personal information of individuals is protected. The Law Commissions findings revealed that privacy laws are scatty in South Africa, despite the fact that the right to privacy is enshrined in the Constitution (Theophanides, 2010). POPI pull up stakes pave the way for the constitutional right to privacy and will regulate the manner whereby personal information is touched providing individuals with the authority to protect their personal information (Theophanides, 2010).To prepare for POPI compliance, organisations will have to initiate an organisation-wide privacy protection programme. A very interesting market development has been the rise of a privacy GRC (Governance, put on the line and Compliance) market niche (Kim, 2010). The three keywords, Governance, Risk and Compliance that breathe out from this current context are commensurate with GRC, one of the latest acronyms to embrace the financial world (Conte, 200762). T his acronym GRC has infiltrated the business community over the last years (Racz et al., 2010a106) and is an executive-level extend to of many attempts today (Krey et al., 2011350). GRC is an integrated approach overseeing people, processes and technology in order to deliver stakeholder economic value while managing risk and complying with regulations and laws (Anand, 201057).Many organizations get their first generate of a GRC program when they begin to implement a privacy program because privacy is an enterprise issue that spans legal, IT, compliance and business operations (Privacy and GRC What the New Ponemon news report and the GAPP is Telling us, 2011). The POPI Bill is not exclusively an IT or legal or a process or security issue but a combination of all of these (POPI Threat or opportunity, 201022).Information Privacy and Governance Personal Information, Privacy LawA number of high profile organisations have been subjected to great reputational damage resulting from a proliferation of personal information breaches (Protecting Personal Information, 2010). Organisations have made substantial use of their customers personal information without doing much to protect the information. Organisations collecting personal information have had little impetus to consider the best privacy protection solutions and people have not done anything drastic to initiate such action (Loss of privacy is price one pays to live in online world, 2011). It may take strong government regulation to propel organisations in this direction (Loss of privacy is price one pays to live in online world, 2011) leading to the pending implementation of the Protection of Personal Information Bill (POPI) (POPI Threat or opportunity, 201022) in South Africa. The POPI Bill will address the right to privacy enforcing stringent measures on all public and private entities in South Africa to ensure that the personal information of individuals is protected. The Law Commissions findings reveal ed that privacy laws are lacking in South Africa, despite the fact that the right to privacy is enshrined in the Constitution (Theophanides, 2010). POPI will pave the way for the constitutional right to privacy and will regulate the manner whereby personal information is processed providing individuals with the authority to protect their personal information (Theophanides, 2010).To prepare for POPI compliance, organisations will have to initiate an organisation-wide privacy protection programme. A very interesting market development has been the rise of a privacy GRC (Governance, Risk and Compliance) market niche (Kim, 2010). The three keywords, Governance, Risk and Compliance that emanate from this current context are commensurate with GRC, one of the latest acronyms to embrace the financial world (Conte, 200762). This acronym GRC has infiltrated the business community over the last years (Racz et al., 2010a106) and is an executive-level concern of many enterprises today (Krey et a l., 2011350). GRC is an integrated approach overseeing people, processes and technology in order to deliver stakeholder value while managing risk and complying with regulations and laws (Anand, 201057).Many organizations get their first experience of a GRC program when they begin to implement a privacy program because privacy is an enterprise issue that spans legal, IT, compliance and business operations (Privacy and GRC What the New Ponemon Study and the GAPP is Telling us, 2011). The POPI Bill is not exclusively an IT or legal or a process or security issue but a combination of all of these (POPI Threat or opportunity, 201022).