Latest News

Welcome to the home of ESBrokers. We are a leading specialist insurance provider, providing specialised insurance solutions for very niche markets.

POPI Act (Protection of personal information) unpacked - What you need to know

After years of start and stops – virtually all the operational provisions of the Protection of Personal Information Act 4 of 2013 (POPIA) finally came into force on 1 July 2020.

All businesses and public bodies will be affected. This development impacts every public and private body in South Africa. The infographic below provides an overview of the instances in which POPIA will apply to processing activities and the obligations which come with POPIA. There is a 12-month grace period - until 30 June 2021 by which to comply with the comprehensive requirements set out in POPIA and non-compliance can result in significant penalties - up to 10  years' imprisonment and/or ZAR10 million in administrative fines. 

POPI’s reach is wide – it regulates all organisations who process personal information, - information about employees, customers, suppliers and those who outsource key processing activities, share data offshore, or engage in direct marketing.

What is personal information (as defined in section 1 of the Act)
* private details: Race, gender, sex, pregnancy, marital status, nationality, ethnicity, social origin, colour, sexual orientation, physical health, mental health, disability, religion, conscience, belief, culture, language and birth.

* History of a person: Employment, medical, financial, criminal

* numbers and addresses: E-mail address, telephone number, address, and other identifying number.

* Biometric information: Blood Type, fingerprints, or other such identifying information

* Outlook: Views, opinions or preferences.

* Correspondence: Explicitly private or confidential correspondence or further correspondence that reveal origin of original correspondence.

* Views: Views and opinions of a person about another person

* Names: The name of a person that, if it is revealed with personal information.

Legislation requiring collation and processing of personal information:
King IV - ICT compliance.

Article courtesy of Webber Wentzel as published in Polity on line