The Protection Of Personal Information Act 4 of 2013, or POPI, as we lovingly call her, can be a mouthful and might even leave you a little dizzy after reading her legislation.
Observer spoke to Gert Ehlers, a local lawyer, who explains everything you need to know in a plain and simple way, so that we can make you and POPI the best of friends.
“POPI is all about personal information: The way you collect and use it, and whether it is compliant with the law. You absolutely have to state the purpose and relevance of the data collection and reassure the client that it will remain confidential. It works a lot like the Financial Intelligence Centre Act 38 of 2001 (FICA), but where FICA focusses on financial information, POPI covers the rest of your sensitive information,” Gert explained.
It is very important that you only collect and/or supply information that is needed for the specific transaction. More than the required information becomes irrelevant and the client has the right to query this.
“The client has the full right to retract their information at any time, but this will in most cases mean that you cannot continue to provide your services to them. It is your duty to assure the safety of their information and warn them that you might not be able to continue doing business with them if they decide to destroy their information,” Gert advised.
Every business has had to make a few adjustments, to become POPI compliant. Contracts had to be refined, ensuring that the information that gets exchanged stay confidential and won’t be sold or used for personal purposes.
“Another risk is lessened by a disclosure clause that you probably have signed in your own contract, and which is also something the service provider and client signs off on. POPI forces you to be abundantly clear on all the rules surrounding the disclosure of personal information. Should any problems occur, this legally protects the employer and the employee,” he said.
Having everything in writing also serves as a ‘first line of defence’, meaning that people will automatically think twice before overstepping a line if they signed a legally binding contract promising to do the opposite.
Breaking compliance with POPI is a serious offence and measures are put in place to prevent this. If it does happen, every company has a compliance officer among the staff who these incidents should be reported to. They report directly to POPI and also enforce internal measures that are in place.
“It will be difficult to enforce POPI in the start, but the more people become aware of the new law, the easier it will get. I think it will be advantageous for both businesses and individuals to embrace this new act. It can only mean a better sense of trust and loyalty in business,” Gert concluded.
Make sure to catch our next story about POPI and how she will affect social media.
If you’d like to know more and get the easiest solution for your business to comply with POPI, fill in the form below:
Oops! We could not locate your form.
