What You Need To Know About POPI
Category News
President Cyril Ramaphosa announced that the Protection of Personal Information Act , 2013 (POPI Act or POPIA) would come into force from 1 July 2020.
What is POPI?
POPI is South Africa's data privacy law. It governs how and when organisations may request, collect, store, use or delete records relating to the personal information of other persons and the purpose for which this data is retained.
What is Personal Information?
Personal information is any information that can be used to personally identify a natural person (individual) or a juristic (company). Personal information for an individual could include:
- Identity and/or passport number
- Date of birth and age
- Gender and race
- Marital status and family relations
- Education information
- Phone number/s (including mobile phone number)
- Email address/es
- Physical address
- Employment history and salary information
- Financial information
- Medical history
- Membership to organisations/unions
- Criminal record
- Online/Instant messaging identifiers
- Photos, voice recordings, video footage (also CCTV), biometric data
- Private correspondence
- Religious beliefs and personal and political opinions
Who Does POPI Apply To?
POPI applies to all institutions (businesses and organisations) operating in South Africa, whether local or foreign, large or SME's, which collect, store and use the personal information of other persons.
How Does POPI Affect Organisations?
All businesses and organisations will have 12 months from 1 July 2020 to become compliant. If not compliant by then, they could face fines and penalties.
What is POPI Compliance?
Becoming compliant will require an organisation to re-analyse all its personal information data - where it originates from and how it is used. This will probably mean spending a great deal of time, effort and expense to educate and train its staff, update its business processes and implement technology solutions to incorporate POPI requirements into its everyday operations.
Does POPI Benefit Organisations?
A POPI compliant organisation will have a better awareness of its personal information data and its purpose for the organisation. Managing its data and data procedures better can improve the efficiency and effectiveness of any business and having a robust data protection system will mitigate the ever-present risks of cybercrime and data theft.
Does POPI Benefit Individuals?
Every person has a constitutional right to the protection and privacy of his/her personal information including private communications and privacy in the home. Individuals will have greater control over their personal information knowing what personal information they provide, when requested, and is stored, by which organisation and for what purpose.
POPI is the means whereby an individual's right to his personal information handled by organisations can be enforced.
Who regulates POPI?
The Information Regulator regulates POPI.
What Are The Fines And Penalties For Non-compliance?
The fines and penalties will depend on the offence. However, the maximum penalty is 10 years in prison or a R10 million fine.
Data protection legislation like POPI will protect the privacy of an individual's personal information and will protect the individual from the abuse of it. However, in today's information age, it is the responsibility of each person to take care of, and protect, his/her own information. We cannot blame others for a breach of privacy if they share our personal information when we post the same information on social networking sites like Facebook or LinkedIn ourselves.
Just remember, the POPI Act cannot protect you if you do not take care in protecting yourself.
To contact us, follow the link: https://www.homesofdistinction.co.za/
To contact one of our Real Estate Agents, follow the link: https://www.homesofdistinction.co.za/agents/
Author: LV Digital
