organisations urged to comply to POPIA

The Commission for Conciliation, Mediation and Arbitration (CCMA) has called on organisations to comply in this regard.

CCMA director Cameron Morajane said the POPIA brings a new dawn to how the CCMA conducts some of its business processes, including how they collect personal information, the reasons for its collection, how it is collected and what is it used for.

“The CCMA has always prioritised compliance and good governance to all legislations and policy provisions on the Compliance Regulatory Universe,” he said.

The POPI Act promotes the protection of personal information processed by public and private bodies; to introduce certain conditions to establish minimum requirements for the processing of personal information; to provide for the establishment of an Information Regulator to exercise certain powers and to perform certain duties and functions in terms of this Act and the Promotion of Access to Information Act, 2000; to provide for the issuing of codes of conduct; to provide for the rights of persons regarding unsolicited electronic communications and automated decision making; to regulate the flow of personal information across the borders of the Republic; and to provide for matters connected therewith.

Senior attorney from Kok & Van Staden Attorneys in Potchefstroom, Daniël Richards told Herald that the Act is necessary to bring South Africans in line with international legislation.

Richards said it is vital for personal information to be protected.

He said the Act protect documents such as ID books, proof of residence, passport number, email address, photos etc.

Also read: POPIA is in effect, but be careful with your data

He said such documents are known as precious goods.

He also urged businesses to comply and ensure that they have a registered information officer.

“The Act requires from organisations to register an information officer at the Information Regulator.

No matter the turnover, number of employees, type of body (public or private), every organisation is required by the Act to identify, appoint and register an information officer,” he said.

Richard further said the Act defines the role and responsibilities of the Information Officer.

“The Information regulator sees the role of the information Officer as a vital aspect of the overall compliance of an organisation.

Heavy fines are imposed by the Act and non-compliance may result in a jail sentence and/or fines up to R1 million.

Prior to the commencement of the POPI Act, the role of the information officer was governed by provisions of the Promotion of Access to Information Act 2 of 2000