POPIA “POSSIBLE” IMPLEMENTATION IN APRIL 2020
Request to promulgate remaining provisions of the Act sent to President
The Information Regulator has asked President Cyril Ramaphosa to declare that the remaining provisions of the Protection of Personal Information Act (POPIA) commence on 1 April 2020.
Speaking in an interview with eNCA, Pansy Tlakula, the chairperson of the Information Regulator of South Africa, said that the act gives serious enforcement powers to the regulator including the ability to levy fines of over R10 million and the ability to pursue criminal prosecution.
Once the remaining provisions of POPIA are in effect, they will regulate the way public and private bodies process personal information of both natural and juristic persons (such as companies and trusts) in South Africa.
IMPLEMENTATION HEADACHES
Implementing POPIA is not an easy task. Whilst Entities will have 12 months from the commencement date of the remaining sections of the Act to comply with the Act, putting procedures and controls in place, in order to comply with POPIA will take substantial effort and time.
The Legal Team has prepared an Implementation Framework/ Roadmap which sets out the various tasks which need to be planned and actioned in order to ensure the lawful processing of Personal Information, including: Conducting a PI impact assessment; Analysing all PI Procedures and placing this into a PI data map; Preparing and implementing Policies, Section 18 procedures and other POPIA documents; such as – Operator Agreements, Data Transfer Agreements and Binding of Corporate Rules; 23Implementing safeguards in respect of the use, sharing and storage of PI, including the archiving thereof. Furthermore, please contact The Legal Team should you require any assistance with: The Implementation of POPIA; Training and Workshops on POPIA; The Development of POPIA documentation; and Conducting POPIA Gap Audits.