Intelligent CIO Africa Issue 10 | Page 29

TALKING BUSINESS “The uses of data have reached such a level of value to businesses that it is becoming subject to more stringent standards and controls to safeguard its value and availability.” Personal data: responsibility lies with the business In South Africa, the Protection of Personal Information Act (PoPI) enshrines the constitutional right to privacy by safeguarding personal information through regulating the way in which it is processed, and providing individuals with recourse should their personal information not be processed in accordance with the regulation. Section 19 of the Act, which deals with security safeguards, states that organisations must take appropriate measures to protect personal information against unlawful access or processing, as well as loss, damage, or unauthorised destruction. Companies must further take measures to identify risks, maintain safeguards against such risks, and ensure that these safeguards are continually updated in response to new risks. Businesses are further responsible for keeping their security and data protection up to date and to make sure anybody who handles data on their behalf – whether internal employees or external suppliers – does the same. Data-driven opportunities for growth Dragan Petkovic, Security Product Leader ECEMEA, Oracle South Africa www.intelligentcio.com The crafting of such regulation in South Africa – and across many countries around the world – are in response to a growing digital economy, where personal data is moving faster, further and more freely than ever. Furthermore, rapid advancements in artificial intelligence and machine learning are giving businesses the ability to automate processes across the organisation and extract even greater value from the data that they have. This is made possible through the maturation of cloud computing at the infrastructure, platform and software level, giving businesses the ability to extract, collate and analyse data at incredible volumes and speed – even from across previously disparate systems – and fully explore the potential and value of their data. Companies should view PoPI as an opportunity to better align their organisations; data protection regulation is likely to continue evolving, and a clear view of how data moves across the business will be critical to staying on top of change. While it may be enough for companies to merely comply with the regulations, taking a long-term view can help them work more efficiently and differentiate themselves in a highly competitive market. n “Companies must further take measures to identify risks, maintain safeguards against such risks, and ensure that these safeguards are continually updated in response to new risks.” INTELLIGENTCIO 29