Electronic communications networks must
be ultra secure in order to build confidence, disposal of physical
documents also poses a security risk
INFORMATION security experts last week urged businesses in SA that
deal with personal information to review their cyber security and the
disposal of physical documents practices constantly to protect clients’
and employees’ information.
Data events such as hacking, data loss, unauthorised data
use, and the physical disposal of documents all present risk to
businesses and consumers.
According to Metrofile , an information and records management firm, secure disposal of hardcopy documents is often overlooked and yet it is a crucial aspect of data protection.
Communications Minister Dina Pule said last week that cyber
crime was a drawback that went with advances in technology. She said,
"our electronic communications networks must be ultra secure in order to
build confidence amongst the users of e-commerce platforms".
The Department of Communications plans to present the National Cyber Security Policy Framework to the Cabinet next month.
Last Saturday was Data Privacy Day — an international
awareness day aimed at educating governments, businesses, industries and
citizens on the importance of protection of personal information. While
the day was recognised globally by business, corporate SA was grappling
with privacy legislation, Dean Chivers, a director of tax and legal
affairs at Deloitte, said last week.
As the Protection of Personal Information (PPI) Bill looms, many companies are racing against time to grasp the compliance demands of the legislation, he said.
"The PPI bill is a natural progression for SA. At its most
basic, the legislation reinforces every South African’s constitutional
right to privacy," he said. "At the other end of the scale, it brings
the country into line with most of its significant international trading
partners, a factor that builds confidence when information is
transmitted across borders."
Mr Chivers said: "While companies will need to reassess
their data management process, analyse their security, amend processes
and change their contracts, companies should not look at the Protection
of Personal Information Bill as purely an inconvenience.
"Rather, by aligning the requirements of the bill to
existing projects and reporting structures, the bill can offer a
sustainable and measurable return on investment".
Gianmarco Lorenzi, the CEO of Cleardata, part of Metrofile, said it was ironic that most businesses would spend thousands of rands protecting their electronic data through the use of firewalls and high-tech information security, but would let their paper leave the building in the hands of a stranger.
Mr Lorenzi said physical records containing personal information, including copies of identification documents, street addresses and banking details, must be destroyed in a manner that prevents reconstruction in an intelligible form if financial, reputational and legal repercussions are to be avoided.
"The shredding of unwanted documents remains the most
effective way for businesses and industries to practice document
reconstitution," he said.
Posted on BusinessDay
THABISO MOCHIKO
