Loading Events

« All Events

Virtual Event
  • This event has passed.

POPIA for Small/Micro Businesses

July 13 @ 08:30 - July 14 @ 12:00 SAST

Virtual Event

As a small or micro enterprise, I’ll bet that you’re dealing with more information than you realise! All day. Every day. From outsourced assistants and IT, to your closest employees, the management of Personal Information is key. The marketing and sales processes that make our businesses tick are changing (for the better). Even as a small business, you have to comply with privacy legislation – it’s not just the “big guys” that are going to be affected.

Sifting through the fear mongering and rumourmill can be difficult. In two half-day workshops, I’ll take you through an introduction to what the South African regulations say about privacy, and how you can comply and continue business-as-(mostly)-usual as a small business. POPIA will not stop you from operating, it will however mean some changes for your business.

Sifting through the myths

There are a number of myths about POPIA. The following are some of the most prevalent. In the training, we’ll dispel these and others, and work on what you need to do practically to build your privacy programme.

  • POPIA can be solved with a policy pack – No! Policy is only one component of POPIA.
  • POPIA is once off – No! POPIA is an ongoing exercise, not a destination.
  • Consultants can do all of this for me – No! You have to take responsibility for POPIA and you need to know your business to do so.
  • I should just get consent for everything – No! You can shoot yourself in the foot by doing so. There are 6 different ways to process information, and you need to know which to use when.
  • They won’t come for small businesses – No! They may not be at your door immediately, but if you have an incident they will come knocking. We’ve seen in Europe that even Sole Proprietors are being fined.

What do you need to cover?

POPIA consists of 8 conditions. You need to have a body of evidence that shows HOW you are complying with these conditions.

  • Accountability
  • Processing Limitation
  • Purpose Specification
  • Further Processing Limitation
  • Information Quality
  • Openness
  • Security Safeguards
  • Subject Participation

In the training, I’ll show you what each condition means, and how you can meaningfully approach each one.

Topics we’ll address:

  • What is POPIA and how does it affect you?
  • Components of an effective Privacy Programme
  • The conditions of POPIA
  • The impact of POPIA on a small business
  • Policies and Procedures you need to have in place
  • The duties of the Information Officer
  • Systems and risks
  • Records of Processing Activities
  • Contracts with your clients, employees and suppliers
  • The rights of individuals
  • Incident Response and Security
  • Risk management and ongoing management

It’s important to know that while we will cover what you need to do to comply, you’ll need to put in the work to get your business there. It’s vitally important to dedicate time to your compliance! To help you comply quicker, registration for this workshop will include a number of template policies and management documents, along with guidance on how to change them for your business. The templates provided include:

  • Website Privacy Policy
  • IT Security and Acceptable Usage Policy
  • Risk Register
  • Record of Processing Activities
  • Schedule of Systems and Operators
  • Basic wording for your contracts and what should be included

The half day workshops will take place on the 13th and 14th of July 2021 on Zoom, from 08:30 – 12:00. It is an interactive workshop, with questions encouraged as we work through the content! To ensure that we have valuable engagement, the training will only take a maximum of 20 people. Tickets for the workshop are R3750.00 excluding VAT.

You MUST have registered and paid in full to receive the meeting link. Please indicate your VAT number in the order comments section should you be VAT registered. After checkout, an invoice will be issued within 1-2 business days.

Uniquely positioned with a technical background (software development, networking and cyber security) as well as in privacy law, Ross has hands-on GDPR and POPIA compliance experience in a number of multinational software companies. He holds a masters degree in the management of technology, a certificate in paralegal practice, and is both a Certified Ethical Hacker (CEH) and Certified Information Privacy Professional (CIPP/E). Ross has the technical know-how, the practical application experience, and the legal exposure to give a holistic, practical, and reasonable approach to compliance, without all the complicated legalese!


July 13 @ 08:30 SAST
July 14 @ 12:00 SAST
Event Categories:


Zoom Online Meeting
South Africa
View Venue Website


Ross Saunders
+27 74 104 7147
View Organizer Website


The numbers below include tickets for this event already in your cart. Clicking "Get Tickets" will allow you to edit any existing attendee information as well as change ticket quantities.
Tickets are no longer available