POPI-Small-Business Compliance Project

100% POPI Compliance Package for Small-Business Owners

Enroll in POPI Compliance Project

Complying with the POPI Act is crucial to small business owners for one key reason.

POPI Data Breach Protection

If you don't comply, you face staggering fines and jail time. In other words, compliance is essential.

Protecting Personal Information is not a choice we can make for ourselves. It is a law we must follow.

The Protection of Personal Information Act (POPI) is the SA version of Data Privacy Law already enacted across more than half the countries in the world.

POPI is already active. We're in a "grace" period which ends June 30, 2021, after which we must be able to prove we comply with the Act.

The Protection of Personal Information Act (POPIA) goes live on July 1, 2021.


Why all the fuss?

Until now:

  • If your bank exposed your credit card details, you were the person facing the fallout. Or if one of their suppliers lost your data. You took the pain, and they got away scot-free. That happened a few years ago in the USA when Equifax exposed 143 million records. The data included social security numbers as well as full card details.
  • Jigsaw Holdings in SA lost 63 million records in October 2017. (None of us knew this stash even existed, a mix of ID number, home addresses, employer details, income details, email addresses, ...)
  • On October 24, 2017 a UK plastic surgeon exposed 10 TB of records of celebrity patients. This included photos of them before, during and after surgery.

I could go on, but you get the picture.

It's tempting to think that this applies only to big businesses. But you'd be just as unhappy if the doctor you saw last week exposed your medical history.

Check out the kinds of issues POPI aims to end.

This segment of a recent live Friday Q&A session looks at a real doctor's office.


In other words, this new law will apply to all businesses. That makes sense.

The real problem we face is that the Act is complex. We small-business owners don't have the time:

  • To learn about it,
  • To understand the legalspeak,
  • To work out what needs doing,
  • To find out how to do what needs doing,
  • And to actually do it.

Of course, we can retain consultants. But they sell expensive hours. It's in their interests to sell as many hours as they can.

This makes sense when consulting with massive firms. They have hundreds of workers using mainframes with complex software systems. Each of them has a unique set of systems. They have the funds and staff to action all the changes POPI demands.

You and I don't have the time nor the money.

I have more than 4000 small-business clients. We small-business owners share about 97% of our business-DNA.
  • We face the same constraints: Time, resources, staff, funds,...
  • We use the same systems: PCs, networks, software, web apps, networks, ...
  • We need the same info to operate: Accounting, marketing, emailing, ...
  • We don't have many more than 15 staff,...

The differentiating 3% stems from the deliverables we offer. Even then each genre shares that same 3%. For instance:

POPI Data Breach Protection

  • All doctors hold personal information about patients, often including images...
  • All churches hold personal information on their members, including sensitive information about children and distressed families...
  • All accommodation establishments must hold photocopies of the ID docs of all guests...
  • All pharmacists must retain copies of prescriptions detailing personal health issues we want kept secret...
  • Most estate agents hold sensitive financial information about house buyers...
  • Most lawyers hold legal information that most of us would prefer stays locked away, especially pending court cases...
This POPI act applies to your business in SA. Whether you are a sole trader, (Pty) Ltd, Inc or anything else. Whether you are trading online or offline. No matter what you sell.

But, we small business owners don't have the resources a listed company has. Most of us have one resource. Ourselves. We don't have the time to stay in touch with all the red tape needed to stay legal.

This POPI law will make a few consultants rich and cost the rest of us tens of thousands of rand each to get it done in time. Right now an afternoon of training just describing the Act, will cost more than R1500. (Per person.)

I am a small-business owner myself. I have been since 1984.

I have trained more than 50,000 small-business owners since 1992. Most online. I hate dealing with red tape designed for big business. And, like you, I hate wasting money.

Earlier this year a dozen of my clients emailed me. They asked me how we could leverage our online structures and skills into a POPI solution. They wanted to comply with this new law. And then stay compliant. All this without needing to invest too much money or time. Most of us are short of both.

As we looked at the problem we realised how similar our businesses are.

  • The tools we each use...
  • The information we must gather to operate our businesses...
  • The web applications and systems we use...
  • The challenges we have with passwords...
  • The challenges that the theft of our laptops and tablets and phones will cause...

How does this project work for you?

All our training is online. You can access it at any time, from anywhere, via any device. That's lifetime access.

You don't want to waste hours learning legal stuff you will never need.

It doesn't make sense for each of us to develop our own policy/manual for a service like GMAIL If hundreds of us use GMAIL, it makes sense to write one policy/manual and share it.

The same applies for any other online service or app or Operating System:

  • PC operating systems like Windows, OSX, Linux,...
  • mobile phone operating systems like Android and iOS,
  • common online storage providers like Apple, Microsoft, Google, Amazon, Dropbox,...
  • common desktop applications like Microsoft /Word, Excel, etc), Apple (Pages, Numbers, etc), web browsers, ...
  • common online mailing services like Mailchimp, Activecampaign, Getresponse, ...
  • password managers like 1Password, LastPass, Dashlane,...

You Get

  • Complete Information Officer Training specifically related to small business issues
    • Complete Security Safeguard Guidance
    • Complete Data Subject Procedures and Forms
    • All the policies, procedures and documents you need, including the PAIA manual.
  • Complete Staff Privacy Awareness training for each employee with completion certificate
    • Separate Course
    • Free for Each Employee
    • Certificate of Completion
  • Your Questions Answered
    • Q&A section for each lecture allows you to ask on the spot
    • Weekly Live Q&A session recorded and published same day
    • Via Email
  • Complete POPI Reference Section
    • POPI Act
    • PAIA Act
    • Registration Links
    • Information Expiry Dates
    • Regulations
    • Codes of Conduct
  • Lifetime Access for new Staff & Regulation Changes

You will never need to meet the Information Regulator because your data will never be exposed.

We're not consultants selling hours. The longer they ask questions the more you pay. Both hours and Rands.

We've already invested more than 500 hours asking those questions. We've retained lawyers and security specialists. We've spoken to business owners with special challenges.

You don't have to pay for those hours. We're sharing that knowledge and experience with a large group. Each pays a fraction of the true value.

You get 100% POPI compliance via:

  • Encryption Security so when you lose a device (or thieves take it) nobody can read the data on it.
  • Hardware Security so nobody can break into your systems.
  • Software Security so the data within all your apps remains secure
  • Staff Security where we use videos to train your team.
  • Paper Processes with procedures to manage your information in line with POPI demands.
  • CYA Security with enough documentation to prove you are compliant. (CYA = Cover your Bottom)
  • Email Marketing training to build your list as POPI makes that very difficult.

You get a simple, powerful 30 day guarantee.

  • If our approach does not blow you away…
  • At any time within 30 days…
  • For any reason whatsoever…
  • You get 100% of your investment returned…
  • With no questions asked...
  • And we'll stay friends.

What's Inside

Online POPI Training

  • Lifetime Access 24/7 from anywhere via any device
  • Easy Question & Answer Format in Course Lectures
  • Lectures combine Videos, PDFs, and Text
  • Easy download of all the policies and procedures
  • Weekly Live Online Sessions
  • Includes Staff Training & Certification - Separate Course Bundled In to Allow Unlimited Access by 10 Employees, and a 50% discount off the regular course price of R397 for any others.
  • Includes the formal POPI Material issued by Government for reference

Paper Policies/Procedures

  • Information Security Policy, including...
    • Acceptable Use Policy
    • Access Management and Control Policy and Procedure
    • Backup and Restoration Policy and Procedure
    • Bring Your Own Device Policy
    • Clean Desk and Clear Screen Policy
    • Information Incident Management Policy and Procedure
    • Information Privacy Policy and Framework
    • Information Transfer Policy and Procedure
    • Information Quality Policy
    • Physical and Environmental Security Policy and Procedure
    • Retention and Destruction Policy
  • Website Policies
    • Terms and Condition for Website
    • Website Security Policy
    • Website Privacy Policy
    • PAIA Manual
  • Data Subject Policies
    • Handling & Processing of Requests
    • Data Subject Request Form
    • Consent Forms
  • Employees
    • Clause/Addendum for Employment Contract
    • Clause/Addendum for Applicant Contract
  • Operators
    • DPA/Operator Agreement

Before POPI Starts Plan

  • Set Up Password management
  • Register Information Officer
  • Delete all old data
  • Encrypt all devices
  • Identify all apps and processes
  • Get signed Operator contracts
  • Educate Staff
  • Print & Distribute Policies/Procedures


Your Instructor


Peter Carruthers.
Peter Carruthers.

Peter Carruthers authored the world's best-selling book on surviving small-business closure. He's guided more than 50,000 small-business owners since his first business closed unexpectedly in 1992.

All his training and consulting has been delivered through the Internet since 2004.

During this time he's lived in South Africa, Spain, England, and Norway. (Yeah, he's got massive wanderlust.)


Frequently Asked Questions


When does the project start and finish?
The course starts now and never ends! It is a completely self-paced online process - you decide when you start and when you finish.
How long do I have access to the project materials?
How does lifetime access sound? After enrolling, you have unlimited access to this project for as long as you like - across any and all devices you own.
What if I am unhappy with the project?

If you're not blown away by what you learn and how we present it we want to refund you in full. Contact us in the first 30 days and we will give you a full refund. No questions asked.

Get started now!



You Get:

  • Complete Information Officer Training specifically related to small business issues
    • Complete Security Safeguard Guidance
    • Complete Data Subject Procedures and Forms
    • All the policies, procedures, and documents you need, including the PAIA manual
  • Complete Staff Privacy Awareness training for each employee with a completion certificate
    • Separate Course
    • Free for Each Employee
    • Certificate of Completion
  • Your Questions Answered
    • Q&A section for each lecture allows you to ask on the spot
    • Weekly Live Q&A session recorded and published the same day
    • Via Email
  • Complete POPI Reference Section
    • POPI Act
    • PAIA Act
    • Registration Links
    • Information Expiry Dates
    • Regulations
    • Codes of Conduct
  • Lifetime Access for new Staff & Regulation Changes

Get started now!