Countdown to POPIA compliance

Posted on

With less than 100 days to the deadline for public and private bodies to ensure that the processing of personal information conforms to the Protection of Personal Information Act (POPIA), the Information Regulator (IR) announced the prioritisation of certain processes in preparation for the full implementation and enforcement of POPIA on 1 July 2021.

1. Consideration of applications for approval of Codes of Conduct

The Guidelines to develop Codes of Conduct as well as the standards for making and handling complaints under approved codes of conduct were gazetted on 19 February 2021 and are available on the IR website. As a result,  the IR can now receive applications for codes of conduct and those applications may be sent to codes.IR@justice.gov.za.

2. Processing of public comments received on the draft guidelines for registration of information officers

The Guidelines for registration of information officers will now be called Guidance Note on Information Officers and Deputy Information Officers. It is anticipated that the Guidance Note on Information Officers and Deputy Information Officers will be published on the website on or before the end of April 2021 and registration will commence on 1 May 2021. An online registration portal for registration of Information Officers will be established.

3. Consideration of applications for Prior Authorisation

Please note that a Guidance Note on application for Prior Authorisation was issued by the IR on 11 March 2021 and is available on the website. Accordingly, responsible parties may submit their applications for Prior Authorisation to the email address, priorauthorisationIR@justice.gov.za.

4. Finalisation of the documents

The IR is in the process of finalising the following prioritised documents:

– Guidance Note on Exclusions and Exemptions from POPIA;

– Template for notification of security compromises in terms of section 22 of POPIA; and

– Guidance Note on processing of personal information across-borders.

“Failure to comply with certain provisions of POPIA may result in the IR imposing an administrative penalty of up to R10 million as of 1 July 2021 or to imprisonment for a period not exceeding 10 years, or to both a fine and such imprisonment,” the Information Regulator reiterated.

Did you know? Moonstone Business School of Excellence (MBSE) offers an online course which provides key information on POPIA, the data protection principles of POPIA and how to apply these principles in daily business activities via an interactive learning experience. Just the awareness training you and your employees need. At a cost of only R300 (VAT inclusive), can you afford not to enrol?

Click here for more information.

Also read: POPIA regulations – Don’t be left in the dark  and POPIA – Information Officer Plays important role