By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Barnard | Law Firm
  • Latest News
  • About Barnard
    • About US
    • Our Services
    • Our Team
  • Calculators
    • Transfer Costs
    • Bond Costs
    • Bond Repayments
  • Contact
Reading: Applying the POPI Act to your business
Aa
Barnard | Law Firm
  • Latest Articles
  • About Us
  • Our Services
  • Our Team
  • Contact Us
Follow US
© Barnard Incorporated. All Rights Reserved.
Commercial LawNews and Insights

Applying the POPI Act to your business

By Heike van Beek 4 Min Read
Share

If you didn’t already know, a significant portion of the POPI Act came into effect in South Africa on Wednesday, 01 July 2020. It will be important for companies to understand their obligations and duties in regard to the Act because failure to comply will carry heavy fines.

Contents
1. What is the POPI Act?2. Why is the Act being implemented in stages?3. Which part of the Act came into effect on 01 July 2020?4. By when must companies have everything in place?5. Where should I start? What must I do?

1. What is the POPI Act?

The Protection of Personal Information Act is an important bit of legislation because it gives effect to section 14 of our Constitution which says that everyone has the right to privacy.

The Act promotes the protection of all personal information that is gathered and processed by public and private organisations – and provides guidelines that help balance the right to privacy against other rights, such as access to information.

2. Why is the Act being implemented in stages?

Since it was passed in 2013 the POPI Act has gradually been put into operation. Some of the sections of that relate to the Information Regulator were implemented in 2014 but the Regulator only began operations in 2016. Naturally, many of the provisions of the Act require a great deal of preparation and so it has made sense to roll it out incrementally.

3. Which part of the Act came into effect on 01 July 2020?

The remaining sections of POPI that deal with the obligations by a “responsible party” that processes and stores “personal information” commenced on 01 July. The mandatory data breach notification provisions also became effective on that day.

These sections of the Act will essentially affect the way you deal with the information you collect, share and use via your marketing channels such as websites, e-mail marketing campaigns, telephonic marketing etc.

It also governs the manner in which you collect, store and utilise the personal data of your clients, personnel and potential clients. You will be expected to collect the data responsibly, store it securely, handle it ethically and communicate your intentions clearly.

In June 2021, the sections of the POPI Act that deal with the amendments of law and changes required to the Act will become effective.

4. By when must companies have everything in place?

Fortunately businesses will have a year to review, understand and activate their POPI compliant programs. Many larger companies have already appointed Data Compliance Officers / Chief Compliance Officers who will now begin explaining procedures and requirements to their colleagues.

Twelve months isn’t a lot of time, particularly when one considers that you will have to deal with a few fairly complex requirements such as Accountability; Processing limitation; Purpose specification; Further processing limitation; Information quality; Openness; Security safeguards; Data subject participation; Ts & Cs and more. So, it is advisable to begin consulting POPIA specialists as soon as possible.

5. Where should I start? What must I do?

The POPI Act is a wide-ranging compliance mechanism that will affect many areas of your business structure and operation. One’s first reaction upon hearing about new rules and legislation for organisations is to begrudge them as more “red tape”. However, it is important to remember that the POPI Act, in giving animation to an important section of our Constitution and Personal Rights, will be protecting you and your clients / members alike.

Whether you are a sole proprietor, company director, club manager, school principal or executive at an NGO, we encourage you to engage with our team who will be able to unpack the main parts of POPI compliance for you, and devise a strategy for meeting the requirements in time.

Heike van Beek 20th July 2020
Share this Article
Facebook LinkedIn Email Copy Link Print
By Heike van Beek
Follow:
Associate

Discuss this article with me:

Ad image

You Might Also Like

Who Should Appoint the Conveyancer in a Property Sale?

4 Min Read

PBO? NPO? I don’t know!

6 Min Read

Mango’s Plan: An Investor, a Creditor, and a Cession

7 Min Read

Locking in Certainty: Why Sophisticated Creditors Prefer Guarantees over Suretyships

4 Min Read
Tree White

© Barnard Inc. All Rights Reserved.

  • Barnard is a Level 2 BEE contributor
  • Privacy Policy
  • Careers
  • Law Students
  • Fidelity Fund Certificates
  • Testimonials
Welcome Back!

Sign in to your account

Lost your password?