The President announced and published a proclamation, on 22 June 2020, that the majority of the provisions of the Protection of Personal Information Act 4 of 2013 (POPIA) will commence on 1 July 2020.
POPIA is the new South African data protection legislation. The proclamation means that all the substantive requirements in POPIA in relation to data protection will be applicable from 1 July. These include, amongst other things, the conditions for the lawful processing of personal information and requirements for:
- the treatment of sensitive personal data and children’s information;
- the prior authorisation of certain processing activities;
- the cross-border transfer of personal data;
- the security of personal information;
- the duties and responsibilities of Information Officers;
- direct marketing by means of unsolicited electronic communication; and
- reporting and notification of data breaches.
POPIA provides for a transitional period of 1 year. This means that both private businesses and organisations and public bodies that process personal information must, at this stage, ensure that they comply with POPIA by 1 July 2021.
The complete article is available on the Bowmans website.