South Africa: POPIA 101: The Journey To Compliance

Agenda

• background and general application of POPIA| Era Gunning
• practical implementation of, and demonstrating compliance with, POPIA| Ridwaan Boda
• data breaches and cyber security / cyber insurance | Nicole Gabryk

General application

• POPI, South Africa's legislation dealing specifically and exclusively with data protection, will largely come into force on 1 July 2020. A responsible party (i.e. a public or private body or any other person which, alone or in conjunction with others, determines the purpose of and means for processing) personal information has a one year transitional period after this commencement date to become compliant with POPIA.
• subject to certain exclusions, POPIA applies to the automated or non-automated processing of personal information entered into a record in any form (provided that when the recorded personal information is processed by non-automated means, it forms part of a filing system or is intended to form part thereof) by or for a responsible party who or which is domiciled in or outside South Africa, or not domiciled in South Africa, unless the processing relates only to the forwarding of personal information through South Africa.

To view the full article please click here.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.