Is your Website POPI Compliant?
Officially, the Personal Protection of Information Act, or POPI, has been in effect since 01 July 2020. However, a 12-month grace period was provided for businesses to get their data processing affairs in order and conform to the requirements laid out by the Act.
That means, as of 01 July 2021, your affairs are required to be in order.
Which poses the question: is your website POPI compliant?
Let’s take a closer look at what your website needs to become POPI compliant and to ensure that you have covered all your bases.
What is POPI?
Before we dive into the website compliance requirements, let’s first remind ourselves of what the POPI Act is all about.
As of 26 November 2013, the POPI Act was publicised with the intention to promote the right to privacy as provided for by the Constitution. With this in mind, POPIA is designed to create a balance between the legitimate needs of a business to collect and use personal information and the individual’s right to privacy.
This personal information can range from basic information like age, ethnicity and religion to more identifying information like e-mail addresses, telephone numbers or physical addresses among other personal information types.
In the case of most businesses, individuals’ personal information is required to conduct business, but it is the responsibility of the business to ensure that this important customer information remains securely stored and is only used for its intended purpose.
And this is where privacy policies and PAIA manuals come into play.
This is not just to protect the business or to comply with POPIA, but it is also important that customers are able to access this information as they have a right to know as described by the Constitution.
What is a PAIA Manual?
Although the PAIA manual has always been a requirement for websites, since the introduction of POPIA there are amendments that need to be made to the current information that is listed in the manual.
The PAIA manual describes the process by which customers can request to view their personal information which has been provided to the business. In order to remain compliant, POPIA requires the business to develop, monitor, maintain and make available a compliant PAIA manual.
While this information may seem daunting, becoming POPIA compliant is much easier, simpler and less expensive than you may have imagined.
Simply register your business to gain access to all the tools needed to get your website POPI compliant.
In accordance with the regulations stipulated within the POPI Act, all staff and employees who are responsible for the processing of personal information are required to undergo training. This is why POPI.Legal also offers POPIA awareness training to educate your employees on the ins and outs of the POPI Act.
Training can be completed in chapters and once all the chapters have been completed, the employee will receive a PDF certificate proving that they have undergone the POPIA training.