The Protection of Personal Information Act No. 4 of 2013 (“the Act”) came into force on 1 July 2021. The Act governs how companies handle the personal information of their customers, suppliers, and staff members. By that date, companies had to appoint and register an Information Officer and comply with the Information Regulator’s Codes of Conduct.
If companies fail to comply with the Act, either intentionally or inadvertently, they could face an administrative fine of up to R10 million.
We strongly advise you to assess if your compliance measures are adequate, and establish what (if any) improvements you can make. In short, consider a data protection health check.
Bregman Moodley Attorneys offers a comprehensive POPI tool to assist you in ensuring that you are compliant with the Act.
This tool will help you train your c-suite and staff to implement a suitable compliance framework. The training for the information officer, and staff, should be ongoing to ensure accountability in terms of the Act.
The tool provides a process for conducting personal information impact assessments and putting policies or procedures in place to deal with data subject access requests. It also generates a PAIA manual that considers the recent changes brought about by the latest regulations promulgated in terms of PAIA. The tool also enables the information officers to conduct a preliminary and annual risk assessment.