It’s time! POPIA regulations coming into effect

It’s time! POPIA regulations coming into effect

Businesses have until 01 July to become compliant with the Protection of Personal Information Act (POPIA), but it is important to note that certain regulations will come into effect sooner.

POPIA took effect on 01 July 2020, with other provisions coming into force on 30 June 2021.

Businesses have been provided with a one-year grace period, until 01 July 2021, to become POPIA compliant or face the consequences set out in the Act.

It is important to take note of the fact that regulations may also be published in relation to POPIA from time to time. These regulations will provide additional rules and requirements which businesses may need to comply with. POPIA compliance is therefore not a once-off thing but a process that will need to be regularly reviewed to ensure compliance.

Recently, the Information Regulator announced the imminent commencement of certain regulations in terms of POPIA, relating to the protection of personal information.

Also read: POPIA: Have you appointed an information officer yet?

Code of conduct 1 March 2021

With effect from 1 March 2021, the provisions of the regulations in relation to the application for issuing a code of conduct became effective. This allows private or public bodies that are sufficiently representative of various entities in an industry, to apply for a code of conduct to be considered for that specific industry.

Information officer 1 May 2021

With effect from 01 May 2021, the regulations in relation to the responsibilities of information officers will take effect. This is significant for businesses, since every entity that must comply with POPIA must have an information officer – the person responsible within the business for POPIA compliance, privacy and data governance. These regulations supplement the responsibilities set out in POPIA and emphasize the obligation to develop a compliant PAIA manual, as well as internal processes and procedures to advance data subject participation and internal POPIA training.

Deadline for compliance looming

With the deadline for attaining POPIA compliance approaching fast and potentially further regulations and requirements being imminent, it is vital that compliance be prioritized given the hefty consequences for a failure to be compliant.

It is difficult to exactly state what areas of compliance you would need to have in place, but it would be highly advisable to enlist the help of your attorney or POPIA specialist to help you and review what you have in place and what would still need to be done before the Act and regulations take full effect.

Editor’s note: This is an adaptation of a recent article written by Damian Viviers, senior associate with Phatshoane Henney Attorneys.

Showing 2 comments
  • Derek Fox

    Absolute rubbish, all these laws, all these hoops to jump through which only law abiding citizens comply with. So are you saying, as a one man concern, I need to be the compliance officer, health and safety officer, verification officer, Covid officer, now information officer and I am sure there are a few others I have already forgotten. Again I say rubbish. Will the bureaucrats please get back to the business of running the country (of which they are doing a pretty bad job). Let the entrepreneurs get on with getting the economy moving, creating jobs and creating wealth, which sadly goes towards paying these bureaucrats. Stop wasting time trying to recycle failed international laws, trying to make them fit in South Africa. They failed for a reason, they don’t work.

  • Lizette

    I received an invoice for CPD for 2021. Has the internet system been sorted out? Can one do the CPD online yet. I can not come right and the switchboard seems offline …

Leave a Comment

Start typing and press Enter to search