The Information Regulator recently announced that there will be no extension given to the current POPI grace period, which means that the due date will remain unchanged and all organisations in South Africa should comply with the Protection of Personal Information Act (POPIA) by the 1st of July 2021. The same due date counts for complying with the Promotion of Access to Information Act (PAIA).
Advocate Pansy Tlakula, chairperson of the Information Regulator also added to the above announcement that severe penalties will be given to business’s not complying with POPIA within the given timeframe (whether it is intentional or accidental). Penalties can include fines up to R10 million and a jail sentence of up to 10 years. It is therefore extremely important that ALL businesses implement the required POPI policies and procedures as soon as possible.
The POPIA is introduced to ensure business’s conduct themselves in a responsible manner when collecting, processing, storing, and sharing another entity’s personal information, by holding them accountable should they abuse or compromise personal information in any way.
The regulator can grant exemptions for certain circumstances and relevant functions within business’s if it is satisfied that the public interest outweighs the interference with the privacy of the data subject.
by: Horizon Compliance team