Practical, plain-English POPIA compliance for South African small businesses.
Stop worrying about POPIA fines. This workbook makes compliance achievable for any SMB — no legal degree required.
Instant download • Editable DOCX • PDF included • 40+ pages
The Protection of Personal Information Act (POPIA) applies to every South African business that processes personal data — and that's pretty much everyone. But most SMBs don't have a legal department or a dedicated compliance officer. This workbook bridges that gap.
PAIA manual, Information Officer appointment, data subject request forms, consent register — all editable and ready to use.
Walk through each POPIA condition with practical action items. Tick off what you've done, identify gaps, and build an action plan.
Step-by-step procedure for detecting, containing, assessing, and reporting a data breach to the Information Regulator within the required 72-hour window.
Technical controls mapped to POPIA requirements: encryption standards, access controls, backup encryption, email security, and breach detection.
Ready-to-use presentation and talking points for training staff on POPIA basics — what constitutes personal information, how to handle data subject requests, and what to do if they suspect a breach.
Agreement template for vendors and service providers who process personal data on your behalf, plus a due diligence checklist for evaluating their POPIA compliance.
Most POPIA resources are written by lawyers, for lawyers. This workbook is written for the person who actually has to implement compliance — the business owner, IT manager, or office administrator. Plain English, actionable steps, and templates you can fill in today.
I've helped numerous SMB clients in South Africa navigate POPIA compliance as part of their broader IT setup. This workbook consolidates what actually works in practice, not what looks good on paper.