The Information Regulator, empowered to monitor and enforce compliance with the provisions of the Protection of Personal Information Act (POPIA), recently published the following:
Commencement of Regulations
The Regulations issued in terms of POPIA was published in December 2018 with the commencement dates to be determined by the Regulator at a later date. The Regulator has recently announced the commencement dates of the Regulations as follows:
– Regulation 5 which deals with the Application for Issuing Codes of Conduct, came into effect on 1 March 2021.
– Regulation 4 on Responsibilities of Information Officers will take effect on 1 May 2021.
– The remaining Regulations issued in terms of POPIA will take effect on 1 July 2021.
Guidelines to Develop Codes of Conduct
In keeping with the commencement date of Regulation 5 on the Application for Issuing Codes of Conduct, the Information Regulator also published Guidelines to Develop Codes of Conduct which also came into effect on 1 March 2021. The objective of the guidelines is to serve as an explanatory note to Chapter 7 of POPIA which deals with Codes of Conduct. The guidelines also serve as a practical guide to ensure that codes are evaluated in a standard manner.
The guidelines apply to a private or public body which is sufficiently representative of any class of bodies, or any industry, profession or vocation. The primary purpose of these guidelines is to outline how all the conditions for the lawful processing of personal information are to be applied or complied with by relevant bodies. The guidelines should be used by:
– relevant bodies that are considering developing a code for approval;
– stakeholders considering a proposed code developed by a relevant body;
– stakeholders and relevant bodies in considering a proposed code developed on the Regulator’s own initiative;
– the Regulator in developing a code on its own initiative.
A relevant body should notify the Regulator of its intention to develop a code and keep the Regulator informed throughout the process of the development of a code. Those who wish to apply for the issuing of a Code of Conduct in terms of POPIA must submit an application to the Regulator using Form 3 in the Regulations.
Click here to read the Guidelines to Develop Codes of Conduct
Standard for making and dealing with Complaints in a Code of Conduct
The Information Regulator also issued a Standard relating to the making and dealing with Complaints under approved Codes of Conduct. Codes of Conduct, which sets out the procedure for making and dealing with complaints, must comply with these standards.
A Checklist for Submission of application for approval of a proposed Code of Conduct can be found at the end of this publication. The Checklist serves as a guide to those who wish to apply for the issuing of a Code of Conduct in terms of POPIA. Prior to submitting a proposed Code of Conduct, the Checklist can be used to verify that all information and/or documents listed on the Checklist have been included as part of the submission to the Information Regulator.
Click here to read the Standard for making and dealing with Complaints in a Code of Conduct.
All entities must be fully compliant with the provisions of POPIA by 1 July 2021. Find out more about how Masthead can assist your business to become POPIA compliant.