The checklist South Africans should see ahead of the new privacy rules in July

The operative provisions of the Protection of Personal Information Act (POPIA) came into effect on 1 July 2020, with a grace period of a year in which companies must ensure that they are compliant.

Legal firm Cliffe Dekker Hofmeyr said that companies must ensure that their business practices and the way they interact with customers, clients or consumers adhere to the requisite privacy laws, as well as confirming that the way they collect, store or process their employees’ information aligns with the protections set out in POPIA.

The firm has also provided a POPIA compliance checklist which aims to assist businesses.

It added that POPIA applies to both public and private bodies) with a general heat map to check its compliance levels and areas of risk relating to POPIA compliance and has merely been provided to assist in expediting the POPIA compliance process.

“The checklist does not make provision for every eventuality and serves only as a useful guide to assist businesses to start focusing on the most common instances where businesses need to be POPIA compliant,” Cliffe Dekker Hofmeyr said.

“The checklist should in no way to be construed as a substitute for seeking legal advice to ensure that your business is fully compliant with the requirements of POPIA.”


Preliminary steps 

Dealing with information in your possession 

Obtaining and processing information 

Requests for access, correction and deletion 

Direct marketing

Cross-border transfers 

List of useful definitions 

Commentary by Lucinde Rhoodie (director), Kara Meiring (candidate attorney), Ngeti Dlamini (senior associate), and Preeta Bhagattjee (director).


Read: Businesses in these areas in South Africa are under the most financial pressure

Must Read

Partner Content

Show comments

Trending Now

Follow Us

The checklist South Africans should see ahead of the new privacy rules in July