Portfolios feature aids POPI, FICA compliance

doc dSignFlow’s secure multi-document portal, Portfolios, offers businesses a reliable means of complying with stringent regulations.

There are two well-known and much-publicised Acts that make South African businesses shudder in their shoes – the Financial Intelligence Centre Act (FICA) of 2001 and the Protection of Personal Information (POPI) Act of 2013.

The two pieces of legislation have much in common. To begin with, they both have to do with how your business deals with customer identification and verification processes, and how it stores and maintains customer and transactional records. Secondly, there are severe penalties associated with non-compliance – severe enough, in many cases, to cause irreparable reputational and financial damage.

Third of all – and this is the good news – SignFlow can help you comply with both. Our digital signature workflow solution offers you an efficient and sure-fire means of making sure your business processes and IT systems are up to scratch when it comes to compliance with both these Acts – so you need no longer shy away from the dreaded “F-word” and “P-word”.

Portfolios

FICA and POPI compliance largely comes down to how you transmit, maintain and store customer data and, while the sheer volume and variety of data may make the process seem very complicated, SignFlow’s Portfolios feature offers you a surprisingly simple means of tackling it.

A SignFlow Portfolio is basically a portal where you can accumulate multiple documents that have been through a workflow and signed, in combination with documents that are just uploaded and stored.

Because there is no email (which is inherently insecure) involved and all documents are uploaded through a secure, encrypted channel, to an online portal where they can only be accessed by the individuals authorised to access them, Portfolios is an invaluable tool to have in your arsenal when you are striving for FICA and/or POPI compliance.

Let’s take an insurance company, for example:

  • The company requires identification and proof of residence documents (documents required by FICA that both also have a bearing on POPI) from a client.
  • That same client needs to sign a contract, which contains personal and financial information, and send it back to the company.
  • SignFlow Portfolios enables you and your client to upload and share documents (both signed and unsigned) via an encrypted portal.
  • There is no emailing, printing or scanning of documents involved at any stage.
  • All your client’s information is kept neatly in one designated, easy-to-access and searchable databank.

Given that the implementation date for the POPI Act is expected to be set this year – and in light of the FICA failures* we have seen in the past, you are under more pressure than ever before to make sure your business complies. Contact SignFlow today for more information on how we can ease the pressure and give you total peace of mind.

* In April 2014, the South African Reserve Bank fined the country’s four largest banks R125 million collectively for failing to comply with FICA. (www.sanews.gov.za)

PBSA shredders underpin POPI compliance

Featured

shredder-generic-picThe company’s hard drive shredders offer local businesses a sure-fire way of complying with the act’s stringent data protection laws.

This year, the implementation date for the much-publicised Protection of Personal Information (POPI) Act is expected to be announced, and local businesses will have a year from this date to become compliant – or face severe penalties.

Passed into South African law towards the end of 2013, the POPI Act essentially regulates how companies store and secure personal information of individuals and entities. Because the act aligns South Africa with international laws on privacy, it includes some stringent rules that businesses – no matter their size – will need to follow to a T.

Wale Arewa, CEO of Secure IT asset disposal company Xperien, says, although the POPI Act gives companies a grace period of a year from commencement to comply with its requirements, they should make it a top priority now.

“There are serious penalties [for non-compliance with the act]. Besides the possibility of prison terms and fines of up to R10 million, POPI also allows individuals to institute civil claims. This means there is the possibility of further financial loss on top of any fine that may be imposed,” warns Arewa.

Data demolition

One of the POPI Act’s key objectives is to ensure customer data is destroyed sufficiently. According to the act, user data cannot be kept for longer than necessary and will have to be completely destroyed – not merely deleted or superficially disposed of.

This means it is simply not good enough for companies to wipe or format a hard drive, nor is it sufficient to toss it out, regardless of how unlikely it may be that it will be discovered.

The only sure-fire way to destroy data, is to physically shred it – a method vouched for by international business news site Bloomberg, in an article entitled “The right way to destroy sensitive data”.

“Hard drives are fed into a machine that resembles a photocopier, which chews and spits out slivers of scrap metal,” the site explains.

pbOffice, a division of PBSA (formerly Pitney Bowes South Africa), offers a failsafe solution to data destruction with two quality HSM machines – the HSM Powerline HDS230 Hard Drive Shredder and its smaller – but equally effective – counterpart, the HSM HDS150 Hard Drive Shredder.

Both fully data protection compliant, the two hard drive shredders destroy digital media devices in a safe and economical way. These safe and easy-to-use devices shred hard drives into tiny particles – ensuring absolute and irreversible destruction of all data contained on them.

Designed with longevity in mind, both hard drive shredders feature sturdy, solid steel-cutting units and powerful drives. Additionally, because the units feature high throughput capacity and energy-saving continuous operation, they are an intelligent choice for businesses seeking to reduce their carbon footprint.

Visit us today to find out more, or to request a quote.

[REFERENCES]  

Bloomberg.com

Xperien.com