PoPI Compliance

Home / PoPI Compliance

What is POPI?

  • The Protection of Personal Information Act is defined and inspired by the Constitution of the Republic of South Africa, where it states that:

“…each individual has the right to privacy…” This right includes: “…the protection against unlawful collection, retention, dissemination and use of personal information…”.


Why is PoPIA Important?

  • The Act insures that organisations that intend to use citizens’ personal information do so through a process that is fair, responsible, and secure.


What are the consequences of non-compliance?

  • You can receive a fine up to R10million and reputational damage if you are found not compliant.

Responsibility of the Organisation

Once an organisation controls personal information, it is their responsibility to take appropriate, reasonable, technical, and organisational measures to prevent it being accessed unlawfully by external parties.

Conditions for Compliance

  • Condition 1: Accountability
  • Condition 2: Processing limitation
  • Condition 3: Purpose specification
  • Condition 4: Further Processing Limitation
  • Condition 5: Information Quality
  • Condition 6: Openness
  • Condition 7: Security Safeguards
  • Condition 8: Data Subject Participation

Stay ahead of the game

Litha-Lethu Management Solutions, together with members of The Change Collective,  can enable your organisation to become PoPI compliant.

Services Offered

  1. Change Management;
  2. Organisational Design;
  3. Strategic Planning;
  4. Human Capital Management and Development;

with integrated:

  • PoPI Health Check
  • PoPI Action Plan


PoPI Health Check and Action Plan

  • The PoPI Health Check identifies risks and potential threats in your organisation.
  • The PoPI Action plan matches products, services and policies to the identified risks and threats.
  • All done through a comprehensive and personalised change management assessment.