Full Text Available
Note: Clicking the button above will open the full text document at the original institutional repository in a new window.
A framework and model of operation for electronic personal information to achieve and maintain compliance with Condition 7 of the Protection of Personal Information (POPI) Act
Thesis (PhD)--University of Pretoria, 2017.
Saved in:
| Other Authors: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
University of Pretoria
2017
|
| Subjects: | |
| Tags: |
No Tags, Be the first to tag this record!
|
| _version_ | 1867613463048617984 |
|---|---|
| access_status_str | Open Access |
| author2 | Venter, Hein S. |
| author_browse | Venter, Hein S. |
| author_facet | Venter, Hein S. |
| collection | Thesis |
| dc_rights_str_mv | © 2017 University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. |
| description | Thesis (PhD)--University of Pretoria, 2017. |
| format | Thesis |
| id | oai:repository.up.ac.za:2263/61578 |
| institution | University of Pretoria (South Africa) |
| language | English |
| last_indexed | 2026-06-10T12:36:32.683Z |
| license_str | Other — see source repository |
| provenance_str_mv | Harvested via OAI-PMH from UPSpace — University of Pretoria Institutional Repository |
| publishDate | 2017 |
| publishDateRange | 2017 |
| publishDateSort | 2017 |
| publisher | University of Pretoria |
| publisherStr | University of Pretoria |
| record_format | dspace |
| source_str | UPSpace — University of Pretoria Institutional Repository |
| spelling | oai:repository.up.ac.za:2263/61578 A framework and model of operation for electronic personal information to achieve and maintain compliance with Condition 7 of the Protection of Personal Information (POPI) Act Venter, Hein S. xprittishx@gmail.com Dala, Prittish POPI Act Protection of Personal Information Information Security Security Safeguards Compliance UCTD Engineering, built environment and information technology theses SDG-04 Engineering, built environment and information technology theses SDG-09 Engineering, built environment and information technology theses SDG-16 Thesis (PhD)--University of Pretoria, 2017. Privacy entails controlling the use and access to place, location and personal information. In South Africa, the first privacy legislation in the form of the Protection of Personal Information (POPI) Act (Act 4 of 2013) was signed into law on 26 November 2013. The POPI Act promotes the protection of personal information by South African institutions and specifies the minimum requirements in 12 Chapters, which includes 8 Conditions for lawful processing of personal information. Condition 7 of the POPI Act makes specific provision for security safeguards to ensure the confidentiality and integrity of personal information. While the legislative requirements of Condition 7 of the POPI Act are spelt out in Sections 19, 20, 21 and 22, the requirements are not supported by specific guidance in terms of how these should be satisfied. There is also no specific guidance on the security safeguards, as required in Section 19, to ensure the confidentiality and integrity of personal information. Hence, this thesis - which focuses on electronic personal information - proposes a framework that includes a selection of security safeguards that may serve as a frame of reference and be used by South African institutions that store, process and transmit electronic personal information, to achieve and maintain compliance with Condition 7 of the POPI Act. As part of this study, a POPI research survey is used to assess the current state of security safeguards in South African institutions and to validate the selection of security safeguards of the proposed framework. In addition, a model of operation of security safeguards is proposed to guide one on how the selection of security safeguards should be implemented to achieve and maintain confidentiality and integrity of electronic personal information as required by Condition 7 of the POPI Act. Furthermore, this thesis explores the concept and principles of privacy as well as the importance of privacy and provides an overview of the global privacy legislative landscape, including South African privacy legislation. An analysis is also conducted to assess the extent to which the privacy legislation of the European Union (EU) and South Africa addresses the international 2013 Organisation for Economic Co-operation and Development (OECD) guidelines. The POPI research survey is also used to assess the level of compliance with the POPI Act and specifically Condition 7 of the Act. In addition, the POPI research survey is used to assess the financial value associated with electronic personal information and the potential impact of a data breach of electronic personal information. bs2026 Computer Science PhD Unrestricted SDG-04: Quality education SDG-09: Industry, innovation and infrastructure SDG-16: Peace, justice and strong institutions 2017-08-04T08:57:31Z 2017-08-04T08:57:31Z 2017-09-08 2017 Thesis Dala, P 2017, A framework and model of operation for electronic personal information to achieve and maintain compliance with Condition 7 of the Protection of Personal Information (POPI) Act, PhD Thesis, University of Pretoria, Pretoria, viewed yymmdd <http://hdl.handle.net/2263/61578> S2017 http://hdl.handle.net/2263/61578 en © 2017 University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. application/pdf University of Pretoria |
| spellingShingle | POPI Act Protection of Personal Information Information Security Security Safeguards Compliance UCTD Engineering, built environment and information technology theses SDG-04 Engineering, built environment and information technology theses SDG-09 Engineering, built environment and information technology theses SDG-16 A framework and model of operation for electronic personal information to achieve and maintain compliance with Condition 7 of the Protection of Personal Information (POPI) Act |
| title | A framework and model of operation for electronic personal information to achieve and maintain compliance with Condition 7 of the Protection of Personal Information (POPI) Act |
| title_full | A framework and model of operation for electronic personal information to achieve and maintain compliance with Condition 7 of the Protection of Personal Information (POPI) Act |
| title_fullStr | A framework and model of operation for electronic personal information to achieve and maintain compliance with Condition 7 of the Protection of Personal Information (POPI) Act |
| title_full_unstemmed | A framework and model of operation for electronic personal information to achieve and maintain compliance with Condition 7 of the Protection of Personal Information (POPI) Act |
| title_short | A framework and model of operation for electronic personal information to achieve and maintain compliance with Condition 7 of the Protection of Personal Information (POPI) Act |
| title_sort | framework and model of operation for electronic personal information to achieve and maintain compliance with condition 7 of the protection of personal information popi act |
| topic | POPI Act Protection of Personal Information Information Security Security Safeguards Compliance UCTD Engineering, built environment and information technology theses SDG-04 Engineering, built environment and information technology theses SDG-09 Engineering, built environment and information technology theses SDG-16 |
| url | http://hdl.handle.net/2263/61578 |