The Purpose of POPIA

  • To deal with limitations of the right to privacy
  • To provide rights and remedies
  • To establish mechanisms to respect, promote and enforce rights.

Why you should care about POPIA.

  • POPIA exists to protect individuals’ rights to personal privacy- when information is being used legally by responsible enterprises and government entities.
  • POPIA regulates your business’s use of personal information.
    • According to the text personal information is:
      • Information relating to an identifiable, living, natural person and where it is applicable, an identifiable, existing juristic person.

The Act addresses the following:

  • The acceptable way for these entities to process and handle sensitive personal data.
  • The individual’s rights and power to protect their own personal information in instances that it is not being effectively use.
  • An oversight office – the information regulator to ensure compliance with the regulations spelled out by the POPIA Act.
  • Specific applicable penalties for non-compliance

These are the 8 Conditions of the POPIA Act:

  • Accountability – Who is responsible.
  • Processing Limitation – What information can you collect and do you have permission.
  • Purpose Specification – Is the information relevant, up to date and serving the correct purpose.
  • Further Processing Limitation – Has the information purpose or processing changed?
  • Information Quality – How is the information kept up to date and relevant.
  • Openness – Are you able to adequately share personal information with the owner of that information.
  • Security Safeguards – Are you keeping all the data safe and secure?
  • Data Subject Participation – Can clients freely see, correct, or remove the data you are holding?

If any of the above has made you question your business operations in terms of POPIA Compliance, you are at the right place!