The POPI Act comes into full force on 1st July 2021 when the one year grace period ends. The compliance process is an on-going process and the Responsible Party or company owners can never wash their hands or delegating their responsibilities in complying with the POPI Act, because the management must ensure compliance.
The POPI Act stipulates that when personal information is collected, it must be properly managed and protected. The purpose of Act is to protect personal information, to strike a balance between the right to privacy and the need for the free flow of, and access to information, and to regulate how personal information is processed.
Altitude Employment Solutions can assist to identify the requirements to comply with the POPI Act for instance to do a risk assessment, to appoint an Information Officer, apply for prior authorisation, draft company policies, assist to meet the eight conditions to lawful process personal information and special personal information.
The role of Altitude is to ensure that the company has the necessary information to be compliant and implement the contents and regulations of the Act. It is important to note that the process must be driven by the Information Officer appointed by the company.
Compliance of the POPI Act is a matter that must be approached with the necessary urgency, care and dedication to ensure compliance by management. In case of repeated non-compliance a fine of up to R10 million or / and incarceration of up to 10 years is a possibility.