Audit your Business
To determine to what extent a business processes personal information lawfully, from both a legal and technical perspective.
POPIA Audit by VDT Attorneys
A legal audits may consist of a review of your existing compliance framework such as internal documents, agreements, policies and processes in order to determine to what extent your business requires a complete POPIA makeover, or if no such compliance framework exists within your organisation, then 1 of our packs can be customised to suit your business’ processing requirements and needs.
Such assessment is usually not done in isolation, and could also consist of an assessment of any other applicable legislation that might apply to your organisation. View more about VDT here.
Onsite Visit & Assessment
During such visit, we determine and assess the means and extent to which your business process personal information of customers, vendors, employees and/or any other person you deal with on a daily basis and advise on required protection mechanisms, terms and conditions and policies to be put in place in order to become compliant with the provisions of POPI.
Review and Assess your Documents
Consider doing an audit of your business’ contracts, policies, processes and systems to assess the way you currently process personal information and to determine where the most imminent risks may be, and where to focus your attention first.
Legal and technical impact assessments
Data breaches and legal advice
Registration and training of information officers
Data protection and security tools
Privacy by Design
See how our solutions can help companies keep up-to-date with data privacy compliance with our data protection & security tools and platforms through our Tech Partners, building of combined data privacy solutions.
When it comes to privacy related compliance, there is often uncertainty about who takes responsibility for what. It’s crucial that from the outset the roles for internal compliance, IT, HCM and legal are clarified, with specific individuals being held accountable for implementation of their parts of the project.
Our Trusted Technical Partners
Get in touch if you need us to audit your Business
A data protection gap analysis serves to audit the extent of your business’ compliance with POPIA and other necessary data protection laws (e.g. the General Data Protection Regulation (GDPR)), and helps identify and prioritise the areas that it may need to urgently address.
Some of the key areas a POPIA gap analysis may cover include:
A review of a business’ legal agreements and policies against the standards for lawful processing
A review of a business’ IT processing systems, security and reporting operations, against the standards required for lawful processing
A review of how the business’s personnel handle personal data on a day-to-day basis and the extent of compliance with lawful processing requirements
Identifying the risks of third party service provider relationships that the business may have
Not sure where to start?
Compliance with POPIA is no tick-box exercise but having a place to start helps. Fill out our quick questionnaire to help you.
Frequently Asked Questions
Learn How it Works
Can you audit us to make sure we are compliant?
We have already commenced with a POPIA / data privacy project and need help auditing our current suite of legal documents or tech systems to make sure we are still compliant?
I don’t know if the POPIPack is for me?
If you are not sure whether one of our POPIPack’s will suit you we recommend subscribing to our generic pack, working your way through the documents and then contacting us if you require our assistance in customising same and if necessary. Alternatively, consider attending our Information Knowledge Session or purchasing the pre-recorded version thereof. This session has been designed to gear you up for understanding what POPIA is and how you need to approach a data protection compliance project. If you are still not sure see our full range of service offerings and feel free to contact us to schedule a consult. We are here to help and discuss your needs.
What is the POPIpack?
The POPIPack includes a generic set of legal data protection documents which, considering the sector your organisation may be regulated by, aims to deliver a POPIA compliance kick-start for the organisation.
The core minimum documents included in our different Packs are geared to help your organisation address its POPIA compliance from a legal documents standpoint. No matter the Pack or, if preferred, if separate legal documents are bought, every document has been carefully considered and drafted by legal professionals and is geared to provide the core minimum legal agreements which we believe every organisation shall need to at least, consider putting in place when it comes to their POPIA compliance project and no matter whether you are only getting started or reviewing what is presently in place.
Do you offer individual legal documents?
Yes, refer to our products page where our single legal product solutions are available for viewing and purchasing.
Does my organisation need to comply with POPIA?
If your organisation requests, collects, stores, deletes, uses or otherwise processes personal information you will need to comply with POPIA.
What are the penalties for non-compliances?
Up to 10 years imprisonment (per infringement) or R10 million fine (per infringement). This does not take into account any further reputational damage or court action which may ensue from a failure to comply.