[ad_1]
The Data Regulator has levied an administrative wonderful of ZAR 5 million on the Division of Justice for breaching POPIA.
In September 2021, the Division of Justice and Constitutional Improvement (the DoJ) suffered a cyberattack that resulted within the lack of over 1 200 recordsdata, the encryption of inner paperwork and the compromise of non-public data. Following an evaluation of the DoJ’s techniques, the Data Regulator of South Africa (Data Regulator) concluded that the DoJ had did not put ample safety measures in place to watch, detect and stop knowledge breaches. Particularly, the DoJ had did not renew its Safety Incident and Occasion Monitoring (SIEM) Licence and antivirus licence since 2020. The Data Regulator issued an Enforcement Discover to the DoJ.
The Enforcement Discover
When it comes to the Enforcement Discover, the Data Regulator ordered the DoJ to:
renew its SIEM and antivirus licences; and
institute disciplinary proceedings in opposition to the officers who did not renew the SIEM and antivirus licences.
The DoJ was given 31 days to implement the order of the Enforcement Discover. The 31 days expired on 9 June 2023, with out the Data Regulator receiving any report on the implementation of this order.
The Infringement Discover
On 3 July 2023, for the primary time because it was established, the Data Regulator issued an Infringement Discover to the DoJ, discovering that it had contravened the Safety of Private Data Act 4 of 2013 (POPIA) and ordering it to pay a wonderful of ZAR 5 million (the utmost wonderful for contravention of POPIA is ZAR 10 million).
The Data regulator has given the DoJ 30 days from 3 July 2023 to pay the executive wonderful or elect to be tried in court docket for contravention of POPIA.
This newest growth demonstrates a transparent intention by the Data Regulator to implement POPIA. We anticipate the Data Regulator will problem extra fines for non-compliance sooner or later.
[ad_2]
Source link
