You may be one of the companies that heard of the POPI Act which came into law a while ago and have done what you need to be compliant right now – or you may be one of the many companies that haven’t and are not even sure what POPIA is all about. Suddenly you are being told you need to be POPI compliant, so what do you do?
What is POPIA?
For the uninitiated, POPIA is data protection legislation that requires organisations to handle personal information by applying specific principles and conditions. The POPI Act deals with the individual’s constitutional right to privacy and the right to access information. It was signed into law on 1 July 2020 and became enforceable on 1 July 2021. It applies to every business that collects any kind of information both internally and externally.
Do I really need this?
The big question many businesses, in particular smaller ones, are asking is: how does this affect me, and do I need this?
Well, for any business committed to ethically treating their clients’ information, POPIA provides the legal framework and requirements for them to carry this out. It is no longer just a matter of ethics, though: all businesses are now legally obligated to deal with client and employee personal information with far more diligence than before. This includes how and why information is collected, processed, shared, stored and accessed.
- Failing to comply can cost you up to R10 million in fines and/or some jail time!
What do I do about it?
Have a seasoned professional review and audit your company policies and procedures and give you a clean bill of health. Having done this you will be provided with a Certificate of Compliance. In the meantime here are some simple practical POPI tips…
- Don’t give out personal details to clients;
- Don’t give out fellow staff members’ personal details to third parties;
- Triple check before you upload or send documents to a client;
- Use your work phone/laptop only for work purposes and don’t take selfies in the office!
- Ensure you have effective anti-virus protection and it is kept up to date;
- Don’t leave customer documents lying around – store them somewhere safe!
- Arrange to have regular POPI training sessions.
What about internally – how does this relate to employees and the protection of their information? Well, as one professional expert put it ‘POPI introduces obligations on employers and grants rights to employees in an attempt to balance the right of employers to conduct a business with the right to privacy of its employees. POPI is not limited to the parties to an employment relationship, but there is no doubt that they are subject to its protections.’
Direct marketing implications
Direct marketers in particular are advised to seek guidance on the POPI Act, as direct marketing is regulated by both the CPA (Consumer Protection Act) and the POPI Act. As one observer puts it: ‘Provided the direct marketing is conducted in a manner that is not contrary to any of the provisions of the aforementioned acts, then the right to privacy may be limited by relying on the right of access to information and the right to freedom of trade, occupation or profession.’ If you remain within the ambit of these acts then you can trade as before.
Leave it to the professionals
So there you have it. If you would prefer to save a lot of headaches and hassles, simply confer with the professionals at Professional Business Services (PBS), where we handle all forms of business compliance.
This is just another of our plethora of business services all designed to give our clients the vital competitive advantage that has become imperative in the world of business today. It is based on our business philosophy and commitment to pursue long term, innovative, sustainable & smart business solutions for all our valued clients.
Contact us today to talk about POPIA and whatever else you need to be a step ahead and a cut above the rest!