POPIA in force: A win-win for business and customers

Both companies and customers benefit when firms are POPIA compliant and secure permission to contact customers, as this ensures a target of willing clients.
Read time 4min 10sec

Tech companies have long urged customers to better manage and govern all the data and personal information they hold. With the passing of the deadline for compliance with the Protection of Personal Information Act (POPIA), local organisations are taking this seriously at last.

The flurry of demand for POPIA compliance services is a long overdue move to better govern all data. 

What local organisations are discovering as they move to comply with POPIA is that compliance simply formalises data management best practice, and is a win-win for organisations and their customers and/or stakeholders.

From the vendor or communicator’s point of view, compliance safeguards them from penalties and customer comebacks, but in moving to comply, it also provides them with an opportunity to clean and revisit all the data they hold.

In doing so, many are discovering they store documents and digital data that have not been relevant for decades.

This storage and administration comes at a cost, so compliance initiatives have forced their hand to dispose of, or delete irrelevant documents and information that has been consuming resources.

Compliance exercises also provide organisations with an opportunity to audit the security and efficiency of their business and technical processes, and implement proper monitoring of these processes to ensure they are adhering to POPIA.

In doing so, they have an opportunity to streamline their internal processes, identify duplication of effort and address any vulnerabilities.

In addition, when organisations are POPIA compliant and secure permission to contact customers, they can be assured of a more targeted and willing audience with whom to communicate their value proposition.

This means that resources previously used for widespread “hopeful” marketing and communications can now be optimised to address only those likely to be interested in the company’s products and services.

Many are discovering they store documents and digital data that have not been relevant for decades.

For customers, POPIA finally gives them (as owners of personal information) formal recourse to the acquisition, usage and management of their personal information.

Prior to the enactment of the Act, illegal or unpermitted acquisition, usage and management of personal information were difficult to prove in a court of law, where people and organisations collected and handled other information of other people illegally, often in an unprotected and reckless manner.

Any exchange of personal information that may come into play between parties or when transacting business must be managed from then on according to the regulations of POPIA, which includes requesting customer consent for a vendor to store, use and protect the customer’s personal information.

An evolution of the Promotion of Access to Information Act, POPIA makes information management regulation more evident to the collectors and users of personal information, and at the same time also provides an easy recourse of actions for the customers or data subjects.

The plethora of products, services and social artefacts as presented on digital platforms is considered as the “global” marketplace where customers can discover, explore, assess and choose according to whatever their specific needs and preferences are – just as if they were visiting a typical shopping mall.

Although advertising of products and services are present, it is the customers themselves who choose whether to wade through the bouquet of products and services, unlike the earlier situation where the customer was bombarded by unnecessary information.

The key to a genuine customer centricity experience is just that − the customer dictates what the client wants to see, purchase or consume. And it is at this juncture that the customer will render their personal information to the supplier/vendor that they buy from.

On the vendor and/or researcher side, although it is worthwhile to analyse its customers and market trends into finding affinities, preferences and sentiments, careful consent and management of such information would need to be had first from the customers to effect analyses in a legal manner.

Customers receive unnecessary marketing and social information and requests, resulting in a huge waste of time, energy, bandwidth and technological resources. When calculating the number of unwanted e-mails and social media information, the costs associated with this can be astonishing.

So on the other hand, to avoid time and resource wastage, it is important that customers in the marketplace restrict information pervasiveness and instead show more discipline in their behaviour – “stop bingeing”.

POPIA regulation actually “forces the hand” in this context, helping both vendors and customers to act in a more controlled and disciplined way – this is mutually beneficial in the context of conservation, legalities and resources.

Mervyn Mooi

Director of Knowledge Integration Dynamics (KID) and represents the ICT services arm of the Thesele Group.

Mervyn Mooi is a director of Knowledge Integration Dynamics (KID). His competencies and focus is within data/information management and governance.

He has been in the ICT and data solutions industry for 38 years, beginning his career as an operator at the CICS bureau in Johannesburg in the early 1980s. Thereafter, he was appointed as a programmer at state-owned oil exploration and production company SOEKOR.

In 1986, Mooi joined Anglo American's head office ICT department where he remained for almost 12 years. Here he progressed to become a senior programmer, analyst, database administrator and technical support specialist.

After completing his degree in informatics, he then left to join Software Futures, where he worked as a senior consultant for 18 months in the data warehousing and business intelligence arena.

Mooi joined KID in 1999 as a data warehouse and business intelligence specialist. His experience in ICT disciplines includes operations, business and systems analysis, application development, database administration, data governance/management, data architecture/modelling, software support, data warehousing and business intelligence.    

See also