The rundown of POPIA for people who are really busy.
1. POPIA protects people against other people misusing their information.
POPIA says you can’t obtain or use the personal information of others that you have, for less-than-legitimate reasons. It describes the legitimate reasons and less-than-legitimate reasons.
2. Who are the people involved?
- The person whose information you have – the data subject
- The person responsible for having or processing the information – the responsible party
- The person actually processing the information – the operator (a third party that process information on behalf of the responsible party)
3. What does this mean for your business?
At worst it means you need to do a stock-take of how your business processes personal data. You’ll need to appoint an Information Officer in your company and register them with the Information Regulator, and they will be responsible for ensuring that your data is processed lawfully and that all of your stakeholders are aware of this fact. Implement an accurate privacy policy and don’t do less-than-legitimate things with the personal information you do have and process, keep it safe, ensure any operators you have do the same, and you should be in the clear.
Fair warning!
Yes, these are the absolute broad strokes of compliance for POPIA. But employers do need to take caution – there are heavy fines and penalties in store for those who transgress and it is an admin-intensive process to be compliant and to take stock of all the data you process and ensuring that all these parties are aware and you are operating transparently. Don’t shrug this off!
Annual Workplace Solutions is a reseller of the Sense Business POP-i-Box