Information Privacy and Governance :: Personal Information, Privacy Law

A number of high-pitched profile organisations befool been subjected to great reputational damage resulting from a proliferation of in the flesh(predicate) information breaches (Protecting Personal Information, 2010). Organisations have made substantial use of their customers personal information without doing much to protect the information. Organisations collecting personal information have had low impetus to consider the best covert protection solutions and people have not make anything drastic to initiate such action (Loss of covert is hurt one pays to support in online world, 2011). It may take strong goernment regulation to remind organisations in this direction (Loss of privacy is price one pays to live in online world, 2011) leading to the pending implementation of the Protection of Personal Information Bill (POPI) (POPI scourge or opportunity, 201022) in southeastern Africa. The POPI Bill will aim the right to privacy enforcing stringent measures on all public and private entities in South Africa to ensure that the personal information of individuals is protected. The Law Commissions findings revealed that privacy laws are lacking in South Africa, despite the fact that the right to privacy is enshrined in the Constitution (Theophanides, 2010). POPI will pave the way for the natural right to privacy and will regulate the manner whereby personal information is processed providing individuals with the trust to protect their personal information (Theophanides, 2010).To prepare for POPI compliance, organisations will have to initiate an organisation-wide privacy protection programme. A very interesting market development has been the farm of a privacy GRC (Governance, Risk and Compliance) market niche (Kim, 2010). The one-third keywords, Governance, Risk and Compliance that emanate from this current context are commensurate with GRC, one of the in vogue(p) acronyms to embrace the financial world (Conte, 200762). This acronym GRC has infi ltrated the condescension community over the last years (Racz et al., 2010a106) and is an executive-level concern of many enterprises today (Krey et al., 2011350). GRC is an integrated approach overseeing people, processes and technology in order to deliver stakeholder value while managing risk and complying with regulations and laws (Anand, 201057). galore(postnominal) organizations get their first experience of a GRC program when they begin to implement a privacy program because privacy is an enterprise foreshorten that spans court-ordered, IT, compliance and business operations (Privacy and GRC What the New Ponemon Study and the GAPP is Telling us, 2011). The POPI Bill is not exclusively an IT or legal or a process or security issue but a combination of all of these (POPI Threat or opportunity, 201022).Information Privacy and Governance Personal Information, Privacy LawA number of high profile organisations have been subjected to great reputational damage resulting from a p roliferation of personal information breaches (Protecting Personal Information, 2010). Organisations have made substantial use of their customers personal information without doing much to protect the information. Organisations collecting personal information have had little impetus to consider the best privacy protection solutions and people have not done anything drastic to initiate such action (Loss of privacy is price one pays to live in online world, 2011). It may take strong government regulation to propel organisations in this direction (Loss of privacy is price one pays to live in online world, 2011) leading to the pending implementation of the Protection of Personal Information Bill (POPI) (POPI Threat or opportunity, 201022) in South Africa. The POPI Bill will address the right to privacy enforcing stringent measures on all public and private entities in South Africa to ensure that the personal information of individuals is protected. The Law Commissions findings revealed that privacy laws are lacking in South Africa, despite the fact that the right to privacy is enshrined in the Constitution (Theophanides, 2010). POPI will pave the way for the constitutional right to privacy and will regulate the manner whereby personal information is processed providing individuals with the authority to protect their personal information (Theophanides, 2010).To prepare for POPI compliance, organisations will have to initiate an organisation-wide privacy protection programme. A very interesting market development has been the rise of a privacy GRC (Governance, Risk and Compliance) market niche (Kim, 2010). The three keywords, Governance, Risk and Compliance that emanate from this current context are commensurate with GRC, one of the latest acronyms to embrace the financial world (Conte, 200762). This acronym GRC has infiltrated the business community over the last years (Racz et al., 2010a106) and is an executive-level concern of many enterprises today (Krey et al. , 2011350). GRC is an integrated approach overseeing people, processes and technology in order to deliver stakeholder value while managing risk and complying with regulations and laws (Anand, 201057).Many organizations get their first experience of a GRC program when they begin to implement a privacy program because privacy is an enterprise issue that spans legal, IT, compliance and business operations (Privacy and GRC What the New Ponemon Study and the GAPP is Telling us, 2011). The POPI Bill is not exclusively an IT or legal or a process or security issue but a combination of all of these (POPI Threat or opportunity, 201022).