South African cyberspace has entered a new dispensation. The Protection of Personal Information Act, which affords data subjects protection against their information given to entities that process data, came into full effect on 1 July 2021. In response to the growing cyber threat landscape, POPIA requires that responsible parties that process data, put in place measures that ensure compliance and minimize the risk of breaches. More intentional is the act's requirement for the registration of principal information officers, carrying the full burden of liability in the event of non-compliance. In this episode of Tech Legal Matters, Andrew Bourne, Africa Regional Manager at Zoho, walks us through how his organization meets compliance standards. As principal information officer, how he coordinates efforts to maintain and ensure privacy.