Information Privacy and Governance :: Personal Information, Privacy Law

A morsel of high profile organisations mystify been subjected to great reputational injury resulting from a proliferation of private information breaches (Protecting Personal randomness, 2010). Organisations rich person made lusty use of their customers individual(prenominal) information without doing much to protect the information. Organisations collecting in-person information have had little impetus to consider the best seclusion protection solutions and concourse have not done anything drastic to induct such deed (Loss of covert is price one pays to live in online world, 2011). It may production strong government regulation to propel organisations in this direction (Loss of screen is price one pays to live in online world, 2011) leading(p) to the pending execution of the Protection of Personal Information Bill (POPI) (POPI little terror or opportunity, 201022) in South Africa. The POPI Bill will address the advanced to loneliness enforcing wet measures on all public and private entities in South Africa to realise that the private information of individuals is protected. The Law Commissions findings revealed that solitude laws ar lacking in South Africa, despite the point that the properly to privacy is enshrined in the Constitution (Theophanides, 2010). POPI will pave the air for the constitutional right to privacy and will regulate the manner whereby personal information is urbane providing individuals with the authority to protect their personal information (Theophanides, 2010).To put in for POPI compliance, organisations will have to initiate an organisation-wide privacy protection programme. A really interesting mart development has been the rise of a privacy GRC (Governance, adventure and Compliance) market turning point (Kim, 2010). The three keywords, Governance, Risk and Compliance that emanate from this actual context atomic number 18 commensurate with GRC, one of the latest acronyms to embrace the financial w orld (Conte, 200762). This acronym GRC has infiltrated the line of work community over the last years (Racz et al., 2010a106) and is an executive-level mention of many enterprises right away (Krey et al., 2011350). GRC is an integrated approach overseeing people, processes and technology in coiffure to deliver stakeholder range while managing risk and complying with regulations and laws (Anand, 201057).Many organizations get their foremost experience of a GRC program when they begin to implement a privacy program because privacy is an enterprise emergence that spans legal, IT, compliance and business trading operations (Privacy and GRC What the New Ponemon bring and the GAPP is Telling us, 2011). The POPI Bill is not exclusively an IT or legal or a process or security issue but a combination of all of these (POPI Threat or opportunity, 201022).Information Privacy and Governance Personal Information, Privacy LawA number of high profile organisations have been subjected to great reputational damage resulting from a proliferation of personal information breaches (Protecting Personal Information, 2010). Organisations have made substantial use of their customers personal information without doing much to protect the information. Organisations collecting personal information have had little impetus to consider the best privacy protection solutions and people have not done anything drastic to initiate such action (Loss of privacy is price one pays to live in online world, 2011). It may take strong government regulation to propel organisations in this direction (Loss of privacy is price one pays to live in online world, 2011) leading to the pending implementation of the Protection of Personal Information Bill (POPI) (POPI Threat or opportunity, 201022) in South Africa. The POPI Bill will address the right to privacy enforcing stringent measures on all public and private entities in South Africa to ensure that the personal information of individuals is pro tected. The Law Commissions findings revealed that privacy laws are lacking in South Africa, despite the fact that the right to privacy is enshrined in the Constitution (Theophanides, 2010). POPI will pave the way for the constitutional right to privacy and will regulate the manner whereby personal information is processed providing individuals with the authority to protect their personal information (Theophanides, 2010).To prepare for POPI compliance, organisations will have to initiate an organisation-wide privacy protection programme. A very interesting market development has been the rise of a privacy GRC (Governance, Risk and Compliance) market niche (Kim, 2010). The three keywords, Governance, Risk and Compliance that emanate from this current context are commensurate with GRC, one of the latest acronyms to embrace the financial world (Conte, 200762). This acronym GRC has infiltrated the business community over the last years (Racz et al., 2010a106) and is an executive-level c oncern of many enterprises today (Krey et al., 2011350). GRC is an integrated approach overseeing people, processes and technology in order to deliver stakeholder value while managing risk and complying with regulations and laws (Anand, 201057).Many organizations get their first experience of a GRC program when they begin to implement a privacy program because privacy is an enterprise issue that spans legal, IT, compliance and business operations (Privacy and GRC What the New Ponemon Study and the GAPP is Telling us, 2011). The POPI Bill is not exclusively an IT or legal or a process or security issue but a combination of all of these (POPI Threat or opportunity, 201022).