The SAOUG year-end function and general meeting was held at Norton Rose Fulbright in Sandton, on 10 November 2017. The speaker for the event, Nerushka Bowan, gave a talk on the Protection of Personal Information Act (POPIA) titled “POPIA: what you need to know.”
In the South African Bill of Rights everyone has the right to privacy. POPIA is a subset to the right to privacy but only in relation to your own information. In simple terms, the purpose of the POPIA is to ensure that all South African institutions conduct themselves in a responsible manner when collecting, processing, storing and sharing another entity’s personal information by holding them accountable should they abuse or compromise your personal information in any way. Personal information is defined as any information relating to an identifiable person (“Data subject”), this includes (but is not limited to) race, gender, education, marital status, ethnic status, email, physical address, telephone number, biometric information and personal positions of views or opinions you hold. POPIA applies to all organizations and their processing in South Africa. Exclusions: household, journalistic, literary and artistic skill.
POPIA consists of 75 pages 115 sections and 12 chapters, these chapters were explained with a focus on all 8 conditions of Chapter 3. Eight Conditions aligned to the global standard of accountability: Processing / limitations / purpose specifications / further processing limitations / information quality / openness / security safe guards / data subject participation.
In closing, Nerushka Bowan suggested that in preparation for the implementation of the act we can start by mapping data flows, conduct privacy impact assessment and create project plans, starting with high risks.
The full presentation can be accessed here
Visit our Facebook page for photos of this event