INFORMATION security experts last week urged businesses in SA that deal with personal information to review their cyber security and the disposal of physical documents practices constantly to protect clients' and employees' information.

Data events such as hacking, data loss, unauthorised data use, and the physical disposal of documents all present risk to businesses and consumers.

According to Metrofile, an information and records management firm, secure disposal of hardcopy documents is often overlooked and yet it is a crucial aspect of data protection.

Communications Minister Dina Pule said last week that cyber crime was a drawback that went with advances in technology. She said, "our electronic communications networks must be ultra secure in order to build confidence amongst the users of e-commerce platforms".

The Department of Communications plans to present the National Cyber Security Policy Framework to the Cabinet next month.

Last Saturday was Data Privacy Day - an international awareness day aimed at educating governments, businesses, industries and citizens on the importance of protection of personal information. While the day was recognised globally by business, corporate SA was grappling with privacy legislation, Dean Chivers, a director of tax and legal affairs at Deloitte, said last week.

As the Protection of Personal Information (PPI) Bill looms, many companies are racing against time to grasp the compliance demands of the legislation, he said.

"The PPI bill is a natural progression for SA. At its most basic, the legislation reinforces every South African's constitutional right to privacy," he said. "At the other end of the scale, it brings the country into line with most of its significant international trading partners, a factor that builds confidence when information is transmitted across borders."

Mr Chivers said: "While companies will need to reassess their data management process, analyse their security, amend processes and change their contracts, companies should not look at the Protection of Personal Information Bill as purely an inconvenience.

"Rather, by aligning the requirements of the bill to existing projects and reporting structures, the bill can offer a sustainable and measurable return on investment".

Gianmarco Lorenzi, the CEO of Cleardata, part of Metrofile, said it was ironic that most businesses would spend thousands of rands protecting their electronic data through the use of firewalls and high-tech information security, but would let their paper leave the building in the hands of a stranger.

Mr Lorenzi said physical records containing personal information, including copies of identification documents, street addresses and banking details, must be destroyed in a manner that prevents reconstruction in an intelligible form if financial, reputational and legal repercussions are to be avoided.

"The shredding of unwanted documents remains the most effective way for businesses and industries to practice document reconstitution," he said.

mochikot@bdfm.co.za