Our Services

Information governance
The Companies Act provides that a director must exercise powers and perform the functions required of and assigned to directors in good faith, for a proper purpose, in the best interests of the company and with the degree of skill, care and diligence that may be reasonably expected of a person carrying out the functions of a director and having the general, knowledge, skill and experience of that director...
read more
Information law
It is trite that companies must comply with all applicable laws and understand the context of the laws which may apply to it.
read more
Information security
Information security seeks to address “confidentiality” (ensuring that only authorised persons have access to information), “integrity” (ensuring that information is not maliciously or accidentally corrupted or amended) and “availability” (ensuring that information is available to those persons requiring the information as and when they may need it).
read more
Policy development
Policy is the glue cementing the appropriate use of information technologies and information by employees within an organisation.
read more
Protection of personal information reviews
With the imminent commencement of the Protection of Personal Information Act all companies will need to review the manner in which they process information, and in particular personal information, in order to comply with the provisions of the Act and other related legislation.
read more
Protection of personal information technology audits
One of the key aspects of security safeguards required in terms of the Protection of Personal Information Act is that reasonable technical measures to prevent loss of or damage to or unauthorised destruction of personal information and unlawful access to or processing of personal information may be prevented.
read more
Section 21 (responsible party and operator) agreements
In terms of Section 21 of the Protection of Personal Information Act a responsible party (the party who determines the purpose and means of processing of personal information) must conclude a written contract with an operator (the person who processes personal information for a responsible party) with the aim of ensuring that the operator processes the personal information in terms of a minimum information security safeguards that are statutorily required to be implemented in terms of Section 19 of the Protection of Personal Information Act.
read more
Security configuration
Short service description
read more
Training
Privacy Online provides the following training to assist entities in ensuring that the core competency in the processing of business and personal information may be developed and constantly improved.
read more
news
  • 13 September 2017 - 12:37:00
    In Government Gazette No. 41105 published on the 8th September 2017, the Information Regulator invited comment on the draft Regulations ...

  • 11 April 2017 - 10:02:00
    I was recently referred to an article entitled "Responding to Cybercrime at Scale: Operation Avalanche - A Case Study". The article is published by the Centre for Cyber and Homeland Security at the George Washington University and is authored by Robert Wainwright, a director of Europol and Frank J. Cilluffo, director of the Centre for Cyber and Homeland Security.

    For anyone dealing with the Cybercrimes and Cybersecurity Bill, this article provides some insight into the complexity of cybercrime and the profoundly different way in which the combatting of cybercrime needs to be addressed.