POPI refers to the Protection of Private Information Act and it was signed into law by President Zuma during November 2013. If you are a business owner or a website owner take a minute or two to read more about the recent POPI Act.
The aim of the act is to regulate the way anyone, including business owners, who capture personal information, should manage, keep and secure such information.
POPI Compliance
It will be the responsibility of business owners to make sure that they are POPI compliant and that employees understand and implement the act.
In short, in order to become POPI compliant, businesses now have an obligation to:
a. Only ask for / collect information for a specific purpose.
b. Not to disclose any information to anyone outside your organisation.
c. Keep record of when you received the information and disclose it to the individual on request.
d. Implement security measures to protect the information of individuals.
POPI for website owners
So why is this important for website owners?
Most websites will have a “contact” page where a user, potential client or existing client has the option to contact you via the website.
Some contact pages will have a form where you must fill in your Name, Surname, Email address and sometimes a Cell phone or Landline number. That information is personal and this is where the POPI act plays a role. The POPI Act will force business owners to protect the information of users that was collected through a form from the business website.
E-commerce enabled websites also collect personal information and sometimes also banking information depending on how the website is structured. Besides the strict technical security that applies to e-commerce sites, site owners must also ensure that all personal information is kept safe and up to date.
What must I do to be POPI compliant?
At Masterweb we develop practical websites for business owners; our focus is therefore web development.
We are not legal experts and we always advise clients to obtain expert advice on certain topics or matters.
It is strongly suggested that business owners get professional advice from their attorneys who are qualified to assess a business, and implement the necessary changes to become POPI compliant.
Steven Ferguson from Nicci Ferguson attorneys specialises in Intellectual Property Law and will be able to assist business owners to become POPI compliant.
From an ethical point of view, never disclose any information of users, clients or potential clients to anyone or any company. Build trust with your clients and potential clients by assuring them that their information is safe with your company.
Conclusion
There is a saying, “Rather safe than Sorry”. Take action now to become POPI compliant in order to avoid possible, unnecessary legal action against your company.
Feel free to contact us for more information or leave a comment below.
Author, Fritz Els 24 February 2014
Contributors:
Attorney Steven Ferguson is a managing partner at Fergusons Attorneys. He specialises in Intellectual Property and Information Technology Law. He also hosts workshops about the Protection of Personal Information Bill (POPI).
Steven’s Contact number: 082 571 2574 or email steven@fergusons.co.za
Further Reading
http://www.news24.com/Technology/News/No-govenment-exceptions-on-personal-data-20140205
http://www.news24.com/Technology/News/Your-personal-data-your-problem-20140204
http://www.news24.com/Technology/News/Popi-to-change-the-way-SA-firms-handle-your-data-20140203