By now you have possibly received numerous emails and communications regarding the Protection of Personal Information Act. Yet there are still questions around the topic.
Essentially, the Protection of Personal Information Act (POPIA) is South Africa’s data protection law. It establishes a number of minimum requirements that organisations must comply with when dealing with personal information; how they gather it, use it and protect it.
It aims to give you your constitutional right to privacy whilst balancing this against the right of access to information.
The Act has actually been implemented for a number of years and many parts of it have been in working since April 2014 but the Act is now fully enforced as of 1 July 2021. An independent regulator has also been created to enforce these rules, rights and practices.
Personal information is a broad term that includes contact, biometric and demographic information.
Organisations can only collect information for the purpose of the work they do. Organisations need to ensure information is relevant and up to date and have reasonable security measures in place to protect your information. Clients are also entitled to request and view what personal information the organisations have on record for them.
It is a great opportunity for organisations to ensure they are more risk aware and transparent, and improve on information security before any problems ever arise.
We take this very seriously and you can rest assured that we’ve done everything we can to ensure compliance with POPIA and the safety of your information.
Please contact us if you have any comments or questions.