The Search For Your Information Officer Begins Now

KI
KISCH IP
Contributor
KISCH IP logo
With an entrenched history in Africa, we have, for the last 145 years, assisted clients from individuals to multi-national corporations in all sectors, in safeguarding their intellectual property rights. While acknowledging our established past, we continue to offer relevant and innovative IP services across Africa, an ever-changing and developing landscape that requires specialist knowledge to succeed.
The Regulations relating to the Protection of Personal Information 2018 (the Regulations) were published by the Information Regulator on 14 December 2018.
South Africa Technology
To print this article, all you need is to be registered or login on Mondaq.com.

The Regulations relating to the Protection of Personal Information 2018 (the Regulations) were published by the Information Regulator on 14 December 2018. Although the POPI Regulations are final, they will only take effect concurrently with the commencement date of the Protection of Personal Information Act 4 of 2013 (POPI).

The Information Officer for private bodies is defined in POPI by using the definition provided for in section 1, of the Promotion of Access to Information Act 2 of 2000. Regulation 4 offers further insight into what the Information Regulator requires from businesses when appointing an Information Officer by setting out their minimum duties and responsibilities in addition to those set out in section 55 of POPI and include inter alia:

  • Appointing, in writing a person employed by the body to act as the Information Officer, and a Deputy Information Officer to assist the Information Officer in performing its obligations;
  • Ensuring a compliance framework is developed, implemented, monitored and maintained;
  • Performing a personal information impact assessment to ensure the business has adequate measures and standards in place to comply with the eight conditions for processing personal information; and
  • Developing, monitoring, maintaining and making available a manual that sets out (i) the purpose of processing the personal information, (ii) the categories of data subjects and personal information relation thereto, (iii) the details of third parties receiving the personal information, (iv) whether any personal information will be transferred outside the Republic and if so, the manner in which the business will transfer the personal information, (v) security measures in place to ensure information quality and safety, (vi) procedure for parties to access the personal information held by the business, (vii) training sessions to be conducted to ensure internal awareness on POPI.

While POPI and its Regulations are not yet in force, the hunt for the right Information Officer should commence as soon as possible in order to allow for adequate time to search, appoint, train and prepare for the inevitable implementation and enforcement of POPI.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

The Search For Your Information Officer Begins Now

South Africa Technology
Contributor
KISCH IP logo
With an entrenched history in Africa, we have, for the last 145 years, assisted clients from individuals to multi-national corporations in all sectors, in safeguarding their intellectual property rights. While acknowledging our established past, we continue to offer relevant and innovative IP services across Africa, an ever-changing and developing landscape that requires specialist knowledge to succeed.
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More