It is the Protection of Personal Information Act, a law passed by the South African parliament, which sets the conditions that you must follow to lawfully process the personal information about persons.
“To promote the protection of personal information processed by public and private bodies; to introduce certain conditions so as to establish minimum requirements for the processing of personal information; to provide for the establishment of an Information Regulator to exercise certain powers and to perform certain duties and functions in terms of this Act and the Promotion of Access to Information Act, 2000; to provide for the issuing of codes of conduct; to provide for the rights of persons regarding unsolicited electronic communications and automated decision making; to regulate the flow of personal information across the borders of the Republic; and to provide for matters connected therewith.”
Everyone in South African has to try to protect the personal information they process. POPIA sets conditions that any person who processes personal information must comply with. POPIA aims to protect the personal information of people (like consumers and employees) so that they do not become victims of things like identity theft, which can have very serious consequences. However, POPIA does not aim to stop the free flow of information. It recognises that there needs to be a balance.
|Key points and possible actions:|
|Be responsible when processing personal information
|Take practical effective steps to protect it whenever possible
POPIA protects people from harm (both physical and loss of money) by requiring those who process our personal information to protect it. For this reason alone, POPIA is important.
The protection of personal information is definitely needed now, more than ever. With the rise of computing power and devices like tablets and smart watches, personal information is at greater risk than ever before. POPIA will enable personal information to be transferred to South Africa, which will bring economic benefits for the country.
Does POPIA apply to everybody?
Yes, virtually everybody*. POPIA applies to everybody who processes personal information. It applies to all public and private bodies. Process is defined extremely broadly. In terms of POPIA processing means any operation or activity (either automated or not) that involves the collection, receipt, recording, organisation, collation, storage, updating, retrieval, dissemination, distribution, merging and degradation or erasing of data.
* Check POPIA for those exempted from its application
|Key points and possible actions:
|POPIA applies to virtually everybody|
|POPIA has a big impact on anybody in the financial services, healthcare or marketing sectors|
For more information, link to the Information Regulator of South Africa website : https://www.justice.gov.za/inforeg/
Learn more about POPIA
Sage POPIA resources
Sage POPIA legal disclaimer