Skip to content

Menu

ChannelsPublishersSubscribe
LexBlog, Inc. logo
LexBlog, Inc. logo
ProductsSub-MenuBlogsPortalsTwentySyndicationMicrositesResource Center
Join
Search
Close
Join the Movement. Blog 4 Good

POPI compliance – have you considered your existing data protection measures?

By Desiree Reddy (ZA) & Claire Friedman
July 3, 2020
EmailTweetLikeLinkedIn

The majority of the Protection of Personal Information Act 2013 (POPI) effectively commenced on 1 July 2020. The sections that commenced deal with how personal information (which is any information that can identify and infringe the privacy rights of a natural or juristic person) may be processed in South Africa or transferred across borders.

As POPI compliance initiatives gain momentum, regulated entities are advised to consider the measures regulated by existing legislation regarding the protection of personal information. For example, the Financial Advisory and Intermediary Services Act 2002 (FAIS) imposes requirements on regulated entities in respect of client confidentiality, marketing, client consent, and in certain circumstances, notices to the FSCA in the event of data breaches. Similar measures to protect personal information are imposed on market infrastructures under the Financial Markets Act 2012. Banks are also subject to a duty of confidentiality.

A POPI compliance audit will be effective in identifying the risks or gaps which a business may not have been aware of, and will identify measures to address such risks. A business licensed under FAIS, for example, must ensure that such audit includes a consideration of the measures it already has in place to comply with its obligations under FAIS and other applicable laws.

Anyone processing personal information in South Africa will have a 12-month grace period to ensure that they comply with the requirements of POPI. After 1 July 2021, any non-compliance with POPI will have consequences including penalties up to R10 million, civil proceedings instituted by data subjects or the Regulator, and criminal offences and fines in some circumstances.

Photo of Desiree Reddy (ZA) Desiree Reddy (ZA)
Read more about Desiree Reddy (ZA)Email
Photo of Claire Friedman Claire Friedman
Email
  • Posted in:
    Financial
  • Blog:
    Financial Institutions Legal Snapshot
  • Organization:
    Norton Rose Fulbright
  • Article: View Original Source

Stay Connected

Facebook LinkedIn Twitter RSS
Real Lawyers

Company

  • About LexBlog
  • Careers
  • Press
  • Contact LexBlog
  • Privacy Policy
  • Editorial Policy
  • Disclaimer
  • Terms of Service
  • RSS Terms of Service

Products

  • Products
  • Blogs
  • Portals
  • Twenty
  • Syndication
  • Microsites

Support

  • 1-800-913-0988
  • Submit a Request
  • Support Center
  • System Status
  • Resource Center

New to the Network

  • Redefined Blog
  • Global Trade Law Blog
  • The Quick Take
  • Consumer Privacy World
  • Energy Law Report
Copyright © 2021, LexBlog, Inc. All Rights Reserved.
Powered By LexBlog