information

Home/information
23 06, 2020

Prior Authorisation: what is it, when must you apply, and what are the penalties

2022-01-31T19:17:16+02:00June 23rd, 2020|information, nuts & bolts, resources|0 Comments

Quick Guide There was a grace period on Section 58(2) which ended on 1 Feb 2022. This grace period allowed you to continue processing while your application for prior authorisation was in progress. From now on, you will have to suspend processing while you wait for your authorisation decision under threat of penalty (see [...]

22 06, 2020

Big news for POPI

2020-06-22T11:47:08+02:00June 22nd, 2020|information|0 Comments

The presidency has announced that most sections of the POPI Act will commence on 1 July 2020. This long awaited announcement means that the 1 year grace period to achieve compliance will start on 1 July and that organisations will need to achieve compliance by 1 July 2021. The Act does make provision for extending [...]

22 06, 2020

How does COVID-19 impact on privacy?

2020-06-22T07:46:08+02:00June 22nd, 2020|privacy|0 Comments

The COVID-19 impact on privacy is starting to be felt with contact tracing and managing physical access to offices, stores and restuarants based on health information. This is what the Information Regulator has to say ... Media Statement: COVID-19 Guidance Note, 03 Apr 2020 The Information Regulator (Regulator) has issued a Guidance Note on the processing ( e.g. [...]

6 02, 2017

POPI is not about jail time and fines

2017-02-06T11:42:27+02:00February 6th, 2017|information, risks|0 Comments

A lot has been made of the maximum penalties in POPI. How exposed are business owners really to long jail terms and large fines? The often quoted R10m and / or 10 years imprisonment provision is a maximum penalty and only applies if you: hinder, obstruct or unlawfully influence the Regulator  POPI s100 fail to comply with an [...]

6 07, 2016

Responsible party or operator?

2016-07-06T16:09:22+02:00July 6th, 2016|information, nuts & bolts|0 Comments

Am I an 'operator' or 'responsible party' under POPI? It’s important to know whether you are regarded as an 'operator' or 'responsible party' under POPI. Both have certain obligations but the responsible party has a much broader responsibility. To determine if you are an operator, you can ask yourself whether you: Process the data solely in the interest [...]

19 09, 2015

Retention of records

2015-09-19T18:39:35+02:00September 19th, 2015|nuts & bolts|0 Comments

Retain only as long as necessary POPI requires that 'records of personal information must not be kept any longer than is necessary for achieving the purpose for which the information was collected..." Section 14(1) Practically this may be one of the most difficult provisions to comply with as it requires a very clear picture of all purposes [...]

15 09, 2015

You’ve lost some data, now what?

2015-09-15T13:38:24+02:00September 15th, 2015|nuts & bolts|0 Comments

Likelihood of regulatory enforcement When looking at enforcement of privacy legislation in Europe it appears that there is a low level enforcement. 1 For example, the UK Information Commissioner's Office reports only 84 enforcement actions during the whole of 2014. 2 It remains to be seen how active the South African Information Regulator will be in enforcing [...]

15 09, 2015

P@sswords

2015-09-15T08:55:59+02:00September 15th, 2015|risks|0 Comments

Weak passwords Imagine a vault encased in thick steel walls, inside a building with a state of the art alarm system with guards and dogs patrolling the 4m high electrified perimeter fence. Now imagine that a master key capable of opening the gate, front door and vault can be bought for R10 at the local hardware store. This is [...]

8 09, 2015

The role of the Information Officer

2023-07-10T21:41:53+02:00September 8th, 2015|nuts & bolts|0 Comments

How to register your Information Officer Quick FAQ #1: Your organisation, charity, school, club, etc does have an Information Officer under POPIA, and your IO does need to be registered. Quick FAQ #2: Your organisation, charity, school, club, etc does have to comply with both PAIA and POPIA. The Information Regulator has provided guidelines and [...]

Title

Go to Top