Visit the COVID-19 South African Resource Portal

Commencement of the Protection of Personal Information Act

The President announced and published a proclamation, on 22 June 2020, that the majority of the provisions of the Protection of Personal Information Act 4 of 2013 (POPIA) will commence on 1 July 2020.

POPIA is the new South African data protection legislation. The proclamation means that all the substantive requirements in POPIA in relation to data protection will be applicable from 1 July. These include, amongst other things, the conditions for the lawful processing of personal information and requirements for:

  • the treatment of sensitive personal data and children’s information;
  • the prior authorisation of certain processing activities;
  • the cross-border transfer of personal data;
  • the security of personal information;
  • the duties and responsibilities of Information Officers;
  • direct marketing by means of unsolicited electronic communication; and
  • reporting and notification of data breaches.

POPIA provides for a transitional period of 1 year. This means that both private businesses and organisations and public bodies that process personal information must, at this stage, ensure that they comply with POPIA by 1 July 2021.

The complete article is available on the Bowmans website.

X