POPI Act bring clarity to a number of previously hazy issues, but in giving us and our clients a chance to address the privacy concerns of many of our international donors, compliance with the POPI Act could quickly be turned into a benefit not a burden.’
During 2014, the DMI management team watched international developments and the growing concerns over the increasing number of data breaches (incidents where data privacy measures were unsuccessful and were becoming regular headline news). After careful consideration DMI turned to one of its longterm trusted advisors for their support. ‘We have worked closely with Grant Thornton over many years and knew we could rely on them for good advice,’ said McLeod. After a number of initial discussions to understand what would be involved, an agreement was reached in early 2015 to formalise a project approach to preparing for compliance with the POPI Act.
the initial project kick-off, but by ensuring that the various actions required were owned by the relevant management team members throughout the project.’
With the guidance provided by specialist consultants from Grant Thornton, the DMI project team, headed by Jared Collison, (DMI accountant), set to work. A formal project plan was developed, which included carrying out a number of assessments. ‘The POPI project actually worked to our advantage from the outset, as the scope of work made us focus on a number of areas that needed our attention. These included a comprehensive review of risks associated with managing all types of personal information,’ he said ‘The Grant Thornton team’s knowledge, skills and experience gained on previous POPI compliance projects paid off handsomely for us, as we were guided every step of the way, speeding up the whole project and reducing the risks associated if we had tried a D-I-Y approach.’
to not only comply internally, but are much better informed to discuss POPI issues with all our stakeholders,’ says McLeod.