Businesses in Africa Prepare for GDPR
GDPR will have consequences for financial services organisations in Africa and non-compliance will expose those organisations to substantial fines and possible damage to reputation. Companies doing business in Africa should assess how the GDPR will affect their business models and data processing practices.
In addition, South Africa's Protection of Personal Information Act, 2013 (POPIA) also will come into effect this year. The two, however, vary in some instances. The GDPR deals with a subject's right to data probability, while the POPIA does not, and it also requires data controllers to conduct data protection impact assessments, which is not required under POPIA.
Similarities include the assignment of a Responsible Party, the right to erasure and the right to restriction of processing.