IT HAS BEEN THREE YEARS SINCE THE COMMENCEMENT OF THE PROTECTION OF PERSONAL INFORMATION ACT, 2013 (POPIA) 

AND 

“SA FIRMS ‘BLATANTLY’ NOT ADHERING TO POPIA

(inforeg) 10 JUL 2024, 11:44

The purpose of the Act is to ensure that all South African institutions conduct themselves in a responsible manner when collecting, processing, storing and sharing personal information (information include but is not limited to employee, clients, customers, members and supplier information).  

Special personal information, such as information relating to a person’s religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health or sex life, biometric information or criminal behaviour, was also to be affected.

It is a requirement under POPIA for an employer to produce a POPIA policy and procedures manual to ensure that everyone who deals with Personal Information is aware of the legal implications of the Act, i.e. employer to monitor and enforce compliance.

Failure to comply with the requirements of the POPI Act poses penalties ranging from a fine or imprisonment for a period not exceeding 12 months, or to both a fine and such imprisonment (for minor offences).  For the more serious offences the maximum penalties are a R10-million fine, or imprisonment for a period not exceeding 10 years, or both.

CTL Can help you in becoming compliant including assistance, policies, monitoring or registration with the IR (Information Regulator) to protect you.

Don’t get caught and fined, ensure you comply.