SB Risk Experts has the skills, experience and technical know-how to talk and is your trusted advisor for privacy, data protection, data processing and compliance related matters. It’s not just about compliance, it’s also about doing the right thing for your data subjects and your business.  We can assist you in identifying and mitigating risks to data subjects and your business when processing information before these risks are realised resulting in reputational or financial damages.

 ONBOARDING

 In our onboarding process, we will work with the relevant people in your business responsible for data processing operations. This involves:

• Assigning responsibilities, raising awareness, and training of employees. Both Privacy and Information Security Training is included as a business which cannot ensure the privacy and confidentiality of information if good technical, administrative, physical and organisational security measures are not in place as well.

• Ensuring the business complies with POPI regulations and fulfils their obligations such as registering with the Information Regulator in South Africa.

• Establishing privacy processes within the business.

• Writing of the Public Privacy Notice for the business.

• Performing or providing advice about Privacy Impact Assessments.

• Documenting compliance assurance documentation including artefacts such as the Record of Processing Activities (ROPA) and data protection and privacy policies that are internal to your business.

MONTHLY COMPLIANCE SERVICE

Our ongoing monthly subscription service ensures that your business continues to meet your  compliance obligations, especially with regards to the privacy of data. This service includes:

• Informing and advising the business and the employees who carry out data processing activities of their obligations and expectations.

• Provision of Compliance, Privacy and Information Security advice to businesses.

• Monitoring the business's compliance with the POPI Act, other provisions, and with the data protection and privacy policies and processes of the business.

• Having due regard to the risk associated with business data processing operations, taking into account the nature, scope, context and purposes of processing, and advising of any risks that may impact the business.

• Management of Privacy and Data Subject Requests.

• Incident Management and reporting.

• Acting as the contact point for the supervisory authority on issues relating to processing with the supervisory authority and cooperating with the supervisory authority.

• Change advisory and keeping your business up to date on POPI and other compliance, privacy and security matters. This includes workshops or webinars on an established basis for business employees and owners.