Tag archives: POPIA

Information Regulator issues guidance on POPIA data breach notifications

The Information Regulator published Guidelines on 12 August 2022 regarding security compromise notifications in terms of the Protection of Personal Information Act, 2013 (POPIA). POPIA governs data breaches by ‘responsible parties’ who, alone or in conjunction with others, collect and process personal information for purposes and by means determined by them. They are under an … Continue reading

Retention of records in South Africa

This blog was co-authored by: Preshanta Poonan, associate designate. South African businesses are required by law to retain a multitude of records depending on the relevant legislation and the industry or business. Since South Africa’s Protection of Personal Information Act, 2013 (POPIA) enactment, there has been much uncertainty surrounding retaining information in South Africa. POPIA … Continue reading

POPIA: 100 days to go

24 March 2020 marked 100 days to the deadline to ensure compliance with the Protection of Personal Information Act, 2013 (POPIA). The Information Regulator (IR) has prioritised certain processes that may be applicable to your organisation (which can be completed before 1 July 2021): Registration of information offices – registration commences on 1 May 2021. … Continue reading

Registration of your POPIA Information Officer (1 May 2021)

On 18 March 2021, the Information Regulator announced on Twitter that: the registration of information officers will commence on 1 May 2021; the Draft Guidelines will be finalised once all public comments are taken into consideration; and registration will be an on-going process to enable new entities to register and for existing one to update … Continue reading
LexBlog