In 2013 the Protection of Personal Information Act (POPIA) was put into motion, with some sections coming into effect from 2014 and others slowly entering the business arena over the years that followed. On 22 June 2020, the Act suddenly got serious – President Cyril Ramaphosa announced that there would be further provisions coming into effect as of 1 July 2020. These changes are not simple, nor are they steps that any organisation should ignore. It is critical that organisations understand the implications of POPIA and what it means for their business.
The following sections have come into effect as of 1 July:
- Sections 2-38 that deal with the exclusions and conditions for the lawful processing of personal information;
- Sections 55-109 that relate to the responsibilities of information officers, direct marketing, relevant codes of conduct and enforcement mechanisms;
- Section 11 that relates to fees;
- Section 114 (1), (2), (3) that relates to transitional arrangements.
Human resources, payroll data, employee information, CVs, employment information, CCTV records, performance reviews and internal email records are also connected to these POPIA requirements.
These amendments are a warning. Employers must ensure that all information they collect is secure and that these security measures are compliant and aligned with POPIA regulations.
Now is the right time to work with a professional organisation that can help you prepare your business so you and your employees are safe. The fines are hefty, but the work you put in now can save you and your business both financial and reputational costs down the line.
Speak to CRS to find out how we can help you ensure you are compliant and remain that way.
For more information, go to www.crs.co.za.