Data Protection
Businesses in South Africa have no choice but to comply with the Protection of Personal Information Act (POPIA).
President Cyril Ramaphosa made the announcement recently that further provisions of POPIA would come into effect on 1 July 2020. POPIA resembles data privacy legislation adopted in many parts of the world, including the EU (GDPR) and UK (Data Protection Act 2018). Providers are required to comply with international data privacy laws, where these are in force. The BPO sector’s highly compliant culture will stand it in good stead therefore, to also comply with POPIA as it continues to service both local and international clients.
Designed to protect the basic human right of privacy, POPIA protects personal information, especially with regard to data breaches and data theft. Personal information constitutes any information relating to a living, identifiable natural person, or an existing juristic person (like a company). The deadline for compliance with the further identified provisions of the act is 1 July 2021. Sections of the act, which have been implemented incrementally, constitute the conditions for legal processing of personal information; codes of conduct issued by the Information Regulator; procedures for dealing with complaints; provisions regulating direct marketing by means of unsolicited electronic communication and general enforcement of the act.
Data is said to have become the “new oil”, having grown considerably in its economic value to business. In fact, data privacy remains a top priority globally. And it’s businesses that are set to add significant value and, in turn, gain a substantial share in their respective markets. Some of the risks associated with non-compliance are data breaches, reputational damage, and a substantial fine (the Information Regulator is mandated to enforce fines even exceeding more than R10 million, or to pursue criminal charges).
In order to ensure compliance, businesses are encouraged to establish a POPIA task team; draft a Privacy Policy; review the processing of personal information, and the type of information processed; provide appropriate training of all relevant personnel; ensure compliance with POPIA requirements around personal information transfer outside of South Africa’s borders; confirm that all direct marketing complies with POPIA requirements; and review information security and safeguards.
South Africa’s BPO sector has a keen focus on compliance, and the progressive data privacy legislation of POPIA should bolster trust in the sector, as well as instill confidence in global source markets that South Africa is indeed open and ready to render a top-of-class global BPO business.
Furthermore, South Africa boasts second place in the recent BPO Omnibus Survey of Most Preferred Offshore Location, which holds much promise for the future of the sector. The country was also ranked 60th out of 141 countries in the World Economic Forum (WEF) Global Competitiveness Report 2019, up from 67th in 2018. The main driver behind this improvement in overall global competitiveness was an increase in ICT adoption.
Over and above being sticklers for compliance, South Africa’s BPO and contact centre industry can also offer outsourcing clients an ideal location that compliments the time zone of the outsourcing country, for optimal around-the-clock service delivery; a sizable talent pool; niche domain skills; solid infrastructure; cultural affinity; fluency in English; and the ability to connect with customers on an empathetic level.
South Africa and Boomerang SA, with its headquarters in Cape Town (also affectionately known as the “Mother City”), is ready to partner meaningfully with offshore and domestic outsourcing clients. Boomerang SA has the technical, security and operational processes in place to meet ISO9001, ISO27001 and regulated financial services standards. So, let’s start a conversation.