Organizations subject to the Protection of Personal Information Act (“POPI Act“) (also called POPIA) have until July 1, 2021, to fully comply with this new South African privacy law. As the deadline is steadily approaching, organizations must be ready to comply with POPI Act’s eight conditions for lawful processing. Fortunately, VeraSafe can help you make POPI Act compliance easier by breaking down each condition into manageable, actionable segments. In this post, we’ll focus on how to address ‘openness’ – the sixth condition for lawful processing.
Openness requires that organizations be forthcoming and transparent about their privacy practices. In particular, Section 18 of POPI Act requires organizations that collect personal information to take reasonably practicable steps to ensure that individuals are aware of certain information, such as:
- the personal information being collected;
- the purpose of such collection;
- the law authorizing or requiring the collection of information, if applicable;
- the name and address of your organization;
- the consequences of failure to provide the requested personal information;
- whether the supply of personal information by the individual is voluntary or mandatory; and
- who will have access to the personal information.
Need a POPI Act Expert?
VeraSafe’s comprehensive POPIA Compliance Program offers a complete solution to help you comply with the POPI Act. We can help you determine how and if the POPI Act applies to your organization and, if it does, prepare a plan of what is needed to meet the POPI Act obligations before the deadline on July 1, 2021. VeraSafe pairs your business units and in-house attorneys with our specialized South African privacy attorneys, information security experts, and project managers, providing you with a holistic approach to compliance.