How to comply with the POPI Act the eLearning way
In our technology-centred lives, personal information is shared with a few taps of the keyboard or smartphone screen. Whether you are signing up to a newsletter or accessing your banking online, your contact details and personal information are stored and processed with ease. With this convenience, comes the risk that personal information will be misused; this is where the POPI Act comes in.
The Protection of Personal Information Act No. 4 of 2013 (POPI Act) is expected by some observers to be fully in force before the end of 2016, with wide-ranging implications for organisations that process personal information. The Act includes penalties for non-compliance, such as prison terms of up to 10 years and/or fines of up to R10-million. Further to this, the Act allows individuals to institute civil claims so there is the possibility of further financial loss on top of any fine that may be imposed. These penalties, as well as overall respect for the law, and the need to protect their reputation from adverse publicity, will drive organisations to find flexible, cost-effective ways to train all their people – directors, management, employees – in how to comply with the POPI Act.
Ignorance is no excuse
When it comes to the POPI Act, ignorance is not an excuse. If they have not done so already, organisations and people who deal with personal information need to act quickly, and become compliant as soon as possible, to avoid these repercussions. One of the requirements of the POPI Act (section 55) is for the Information Officer - the person accountable for POPI Act compliance in an organisation - to encourage and ensure compliance with the conditions for lawful processing under the Act. One practical way to ensure the POPI Act is followed is that all levels of staff, from Directors and Business Owners to the lowest level of permanent or temporary employee, must be made aware of the provisions of the Act as far as it impacts on how they process personal information. This awareness training needs to be comprehensive, practical and easy to understand. Although traditional classroom-based training has its supporters, the alternative of e-Learning, delivered to a mobile or desktop device has many attractions.
Do it online, in your own time
One example of e-Learning comes from Media Works, a leading adult education and training company, in collaboration with IACT-Africa. “POPI Works: Privacy in Action” – is offered through the iTut online learning platform. This online campus allows people to access the material anywhere, any time on PCs, cell-phones and tablets in a collaborative, secure environment. The course is made up of five modules, each of which contribute to a clear understanding of why the POPI Act is important and what must be done by organisations and individuals to make sure they are complying with the Act. These modules cover essential topics such as an introduction to the POPI Act and what POPI is all about; the background to POPI and the legislation; what can employees do to comply with the POPI Act.
Once the learner has completed the five modules (which takes approximately one hour), they can complete the online Summative Assessment. A compulsory pass rate of 80% is required and once the learner has achieved this, the process produces a uniquely numbered certificate of successful completion. This certification is endorsed by Benchmark Assessment Agency, an independent assessment body. An added benefit is that the programme offers a Mozilla Open Badge (www.openbadges.org) to each successful candidate.
Article co-authored by Dr Peter Tobin of IACT-Africa and Dennis Lamberti of Media Works. Media Works is a client of IACT-Africa.
For more information on POPI Works please visit www.popitraining.co.za or call 011 209 0900.