Anderson, DominiqueAbiodun, Oluwafemi PeterChristoffels, Alan2021-12-062021-12-062020Anderson, D. et al. (2020). Information security at South African universities-Implications for biomedical research. International Data Privacy Law, 2020, 10(2),180-186. https://doi.org/10.1093/idpl/ipaa0072044-4001https://doi.org/10.1093/idpl/ipaa007http://hdl.handle.net/10566/7054In South Africa, a similar regulation strategy to the European Union General Data Protection Regulation, called the Protection of Personal Information Act (No 4 of 2013) (POPIA), will be implemented, with a view to mitigate cybercrime and information security vulnerabilities. A qualitative exploratory analysis of information security management at universities in South Africa, using a Technology, Organisation, and Environment model, highlights the need for maintaining the security infrastructure to facilitate management of security within the university network, while placing emphasis on information security management processes, such as risk analysis, architecture review, code inspection, and security testing.enInformation securitySouth AfricaUniversityHigher educationCybercrimeArticle