Protection of data – become familiar with the requirements
On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) came into force. The GDPR standardises data protection law across all 28 EU countries and imposes strict rules on controlling and processing personally identifiable information.
Closer to home we have POPI, the Protection of Personal Information Act. The purpose of POPI is to ensure that the use of personal information is processed for legitimate reasons only and does not infringe on a person’s rights to privacy.
“If it is not already high on their agenda, becoming familiar with the requirements of the Protection of Personal Information Act should be a priority for insurers and loss adjusters”, reports a recent Personal Finance article.
This view was shared by Jay Page, senior associate at law firm Bowmans, who says that in the UK last year, a firm of loss adjusters was found guilty of unlawfully disclosing personal data illegally obtained by its staff and by private investigators.
She advised that when claim insurers, loss adjusters and their employees are investigating a claim they must be wary of falling foul of data protection laws and of their duties to treat customers fairly.
ITWeb also recently posed the question: “How does the GDPR stack up against our own Protection of Personal Information Act 4 of 2013 (POPIA)? There answer is: “Quite simply, it enhances POPIA and raises the bar – and the consequences of non-compliance dramatically.”
This conclusion forms part of the white paper titled “Why Africa needs to dance to the GDPR tune”.
South Africans need to apply universal precautions to our data collection.
Click here to read the Personal Finance article.
Click here to download the white paper on GDPR