Monday, July 15, 2024
No menu items!

SA Schools May Face Penalties for PoPIA Non-Compliance

Must Read
Luis Monzon
Luis Monzon
Journalist. Reach me at Luis@ITNewsAfrica.com

With the third wave of COVID-19 crashing upon South Africans and amidst increasing calls for schooling to be temporarily suspended, it could prove helpful for educational institutions across the country to use the time away from teaching to put some focus into protecting their data privacy.

Schools and other tertiary institutions store and process more personal information than most other organisations, they are by far the most affected by the Protection of Personal Information Act, No 4 of 2012 (PoPIA), which comes into effect on 1 July 2021.


PoPIA Applies to Schools, Universities

In terms of the data protection laws, all private and public bodies processing personal information, are required to have implemented policies and procedures in order to be compliant. This is including bodies in the education sector.

Many of these institutions have heaps of old computer equipment lying in their storerooms. This equipment has huge amounts of data, not only on the pupils but on parents and teachers as well. This provides significant private information concerns.

Reckless disposal of electronics is a huge source of illicit information and it often puts schools at risk.

Xperien ITAD specialist Bridgette Vermaak warns schools to comply by ensuring that the data on all their retired electronics is erased or destroyed according to the PoPIA regulations.

“Deleting files is not sufficient. Data erasure and IT asset disposal have legislative requirements, compliance to PoPIA, the National Environmental Waste Management Act 2008 (NEMWA 2008), the Consumer Protection Act 68 of 2008 (CPA) and General Data Protection Regulations (GDPR),” Vermaak says.

According to legislation, schools and other tertiary institutions are required to manage the complete destruction of all data when IT assets reach end-of-life.

PoPIA requires them to practice due diligence and ensure their storerooms go through the expected data erasure techniques essential to protect company data.

Efficient IT Disposal Can Help Maximise Device Value for Schools

Schools that manage IT asset disposition internally continue to struggle with data security and proper environmental recycling. Efficient IT infrastructure life cycle management and secure IT asset disposition (ITAD) can help them maximise value at every stage of their technology investment.

IT Asset Disposal (ITAD) services have become a legal requirement, they are no longer a luxury. It is crucial to find a professional ITAD provider that can offer data sanitisation and destruction services to protect the data.

Value recovery is a crucial part of the process, schools need to receive fair market value for end-of-life and redundant IT equipment. Professional ITAD service providers normally offer to purchase these assets, this includes the collection, data erasure and reporting.

More importantly, most of these institutions are also missing out on the opportunity to get money back for their used IT equipment.

Data Protection Flaws Are Seriously Harmful

Schools also need to implement a data protection programme that aims at helping pupils understand their responsibilities. Children must understand the implications of unauthorised publishing of personal information and images of third parties, including all social media platforms like Whatsapp, Facebook and Instagram.

It could cause serious harm to the school, its stakeholders and its learners, concludes Vermaak.

Edited by Luis Monzon
Follow Luis Monzon on Twitter
Follow IT News Africa on Twitter

- Advertisement -

Innovative AI Partnership Transforms Healthcare Technology

BroadReach Group and BAO Systems- a US-based health IT organization, have signed a collaboration agreement that will expand how...
Latest News
- Advertisement -

More Articles Like This

- Advertisement -