POPIA Compliance

Documentation in progress. This page will provide detailed guidance on POPIA (Protection of Personal Information Act) compliance with Hoziron.

Current capabilities

The platform provides technical controls relevant to POPIA:

• Purpose limitation — Competency-level permissions restrict what data each agent can access
• Information security — TLS encryption, RBAC, audit trail, IP allowlisting
• Data minimization — PII tokenization prevents unnecessary data propagation between agents
• Operator accountability — Tamper-evident audit trail records all data operations
• Data sovereignty — Air-gapped deployment keeps all data within South African infrastructure

Coming soon

• POPIA-specific configuration guidance
• Information officer notification templates
• Cross-border data transfer controls documentation
• Impact assessment framework

Related:

• Security hardening
• Audit trail guide
• Compliance overview