All South African businesses, including franchise vehicle dealerships, have until 1 July 2021 to ensure compliance of the long-awaited Protection of Personal Information Act (POPIA) – or face fines of up to R10-million and possibly even jail sentences of up to 10 years. POPIA begins on 1 July and we hope that you, our members, are gearing up for this.
It is not merely the policies that need to be ready but also some very important processes need to be implemented and prepared for the go-live date of 1 July 2021. Here are eleven steps to Day 1 compliance: 1. Raise awareness 2. Document the data you currently store 3. Draft privacy notices 4. Check individual’s rights. 5. Consider data access requests 6. Review the lawful basis for processing personal data (8 lawful conditions of processing) 7. Refresh your existing consents, note justifications and update POS documents. 8. Take into account child data Sure-up defences 9. Familiarise yourself with Privacy Impact Assessments 10. Assess international implications (cross border data transfers) 11. Appoint an Information Officer Then there are the risks associated with Further Processing and the requirements around Prior Authorisation. On top of this, there is a requirement to document all of this. The RMI, in conjunction with its attorneys Barnard Incorporated has developed a compliance manual for members in respect of the POPI Act. The purpose of the compliance manual is to assist and guide members in establishing the correct structures, processes and procedures in their business in order to ensure that they are compliant with the requirements of the POPI Act. | The compliance manual is not to provide a bespoke solution for all businesses, and we recognise that certain members may wish to obtain further assistance in ensuring that their businesses are compliant with the POPI Act.
To this extent, the RMI has secured a special consulting rate from Barnard Incorporated, which will assist members that desire a more bespoke compliance manual, at an additional cost to the member. The details hereof are included below. The RMI POPI Toolkit is suitable for all enterprises and is designed for anyone wanting to manage their own POPI implementation but who require some guidance on what to do and how to go about it. In association with RMI, Barnard Incorporated provides an exclusive POPI service for all members by providing guidance and limited implementation assistance. Should any RMI member require additional assistance to amend or review contracts with third parties; amend or review internal policies, draft disclaimers or consent forms, or arrange training for your Information Officer, legal experts are able to provide a bespoke quotation on an RMI preferential rate. Members seeking advice on the implementation of the guidelines may contact any one of the RMI’s senior members of staff, who will be able to assist. Contact Heike Endries from Barnard Incorporated via 087 255 5503, email or for more information visit their website. |