Gadget

Set stopwatch to 1 April for POPI compliance

The Information Regulator has approached the President to issue a commencement date of 1 April 2020 for the remaining provisions of the Protection of Personal Information Act (POPI). 

“While businesses have 12 months to comply once all POPI provisions are in effect – the implications of non-compliance are so significant that developing a compliance mindset as soon as possible is imperative,” says Louella Tindale, data protection specialist at Caveat Legal.

Practically speaking, these are steps that businesses can start taking on the road to compliance:

“The duty to comply may not be limited to POPI, and international data protection laws may also apply,” Tindale cautions. “If you are processing the personal information of EU residents you may need to comply with the EU General Data Protection Regulations, and if intend receiving personal information of EU residents on behalf of a US company, it is likely that such US company will require you to comply with the terms of the EU-US Privacy Shield.”

Exit mobile version