POPI ACT RESPONSIBILITY TO KEEP CUSTOMER PERSONAL INFORMATION SECURE

Posted By Charles Ritchie over 1 year ago

Dear Sage City

Do I have a duty towards my customers if someone not only gained illegal access to their personal information but also changed it. This happened in June and Sage can still not explain who did it and how they gained access to sage and there is no audit report that shows it was changed and by which user.

Do I have an obligation in terms of POPIA to disclose this to my effected customers? And currently to secure their information I will have to get a different service provider?

This is serious and I used a sage audit reports in court a while ago claiming that it cannot be incorrect.

Sage reference no HD14673808

I will have to move their companies to quick books

Top Replies

Charles Ritchie over 1 year ago +1

Thank you for your email.

As a software vendor, we only have certain requirements when it comes to POPI ACT.

Ability to delete personal data after the retention period, etc.

We cannot be expected to…

0 Shazi over 1 year ago

Hey Charles

We have informed our development to investigate this urgently.

Please check your private message to confirm your contact details

Sharon
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Charles Ritchie over 1 year ago in reply to Shazi

Yes They have send me an email but basically say that sage have no control over changes that is made by Api's of sage ISV partners or have any security or audit reports to manage it.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Charles Ritchie over 1 year ago

This is what they confirmed
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Charles Ritchie over 1 year ago

Thank you for your email.

As a software vendor, we only have certain requirements when it comes to POPI ACT.

Ability to delete personal data after the retention period, etc.

We cannot be expected to keep data secure from changes that can happen.

These are the changes we made for the POPIA update last year
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Charles Ritchie over 1 year ago in reply to Charles Ritchie

I did an enquiry about this issue with another service provider, and this was their response

We adhere to regulatory standards regarding the security and confidentiality of your data, as stated in the Intuit Terms of Service. Furthermore, confidential treatment of sensitive data is guaranteed.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Shazi over 1 year ago in reply to Charles Ritchie

Charles Ritchie

Please expect a private message from our support team with additional information.

Sharon
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Charles Ritchie over 1 year ago

Status Update Please !!!!
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Shazi over 1 year ago in reply to Charles Ritchie

Hello Charles Ritchie

We are just following up if our support team did reach out to you.

Please let us know.

Sharon
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Sage Accounting

POPI ACT RESPONSIBILITY TO KEEP CUSTOMER PERSONAL INFORMATION SECURE

Top Replies

COMMUNITY

COMPANY

PARTNERS

SUPPORT & TRAINING