Jan 27, 2012 0
JOHANNESBURG, January 26, 2012 – Saturday, 28 January 2012 marks international
Data Privacy Day. The day highlights the impact technology is having on our
privacy rights and underlines the importance of valuing and protecting personal
information. While the day is recognised internationally by business
professionals, corporate South Africa is grappling with our privacy
As South Africa’s Protection of Personal Information (PPI) Bill looms
over the county’s corporate sector, many companies are racing against time to
grasp the compliance demands of the legislation. Unfortunately, in their haste many are
underestimating the benefits that compliance could bring to their
“The PPI Bill is a natural progression for South Africa. At its most
basic, the legislation reinforces every South African’s constitutional right to
privacy. At the other end of the scale, it brings the country into line with
most of its significant international trading partners, a factor that builds
confidence when information is transmitted across borders,” says Deloitte Legal
Director, Dean Chivers.
Looking beyond compliance, effort and cost,
there is substantial value for those implementing PPI. The value of the
corporate brand will increase with customers and business partners having more
trust in the organisations with which they do business. According to Chivers,
this customer value can translate into financial benefits.
PPI’s value for a brand is incalculable. The recent announcement that
about R41 million had been stolen by hackers infiltrating the PostBank database
illustrates perfectly the reputational and monetary loss involved when customer
information is hacked.
The recent case where Zappos in the USA was
hacked and had to notify in the region of 24 million customers of the breach
and implement preventative measures further indicates some of the potential
downside. Indeed data events like hacking, data loss, unauthorised data use,
insufficiently regulated outsourcing and cross border data transfers all
present significant value risk.
Added to this, on January 25, 2012, the
European Commission proposed increased penalties for data privacy breeches,
which envisage penalties of up to 2% of a company’s global annual turnover.
companies will need to reassess their data management process, analyse their
security, amend processes and change their contracts, companies should not look
at the PPI Bill as purely an inconvenience. Rather by aligning the requirements
of the Bill to existing projects and reporting structures, PPI can offer a
sustainable and measurable return on investment” concludes Chivers.
+27(0)11 784 2598
Deloitte & Touche Southern Africa