___________________________________ ___________________________________ HUMAN BEHAVIOUR & ETHICS | LIFE & BUSINESS MASTERY MEDIATION & LEGAL SOLUTIONS | CORPORATE TRAINING ___________________________________ ___________________________________ ___________________________________ ___________________________________ ___________________________________ ___________________________________ ___________________________________ ___________________________________ What is the POPI Act? How to protect yourself in terms of the Act. How POPI fits into your practice. ___________________________________ ___________________________________ ___________________________________ ___________________________________ ___________________________________ WHAT IS THE POPI ACT? ___________________________________ POPI refers to the P rotection o f P ersonal I nformation Act, ___________________________________ It aims to ensure that all South African Institutions adhere to responsible conduct when collecting, processing, storing ___________________________________ and sharing another Personal Information. ___________________________________ ___________________________________ ___________________________________ Adv. Mabel Slabbert (c) UNAUTHORISED REDISTRIBUTION OF THIS MATERIAL IS PUNISHABLE BE LAW.
___________________________________ WHAT IS THE PURPOSE OF POPI? ___________________________________ • To promote the protection of personal information processed by public and private bodies • To introduce certain conditions to establish minimum requirements for processing personal information • ___________________________________ To provide for the establishment of an Information Regulator to exercise certain powers and duties in terms of this Act and the Promotion of Access to Information Act • To provide for the issuing of codes of conduct • To provide for the rights of persons regarding unsolicited electronic ___________________________________ communications and automated decision making • To regulate flow of personal information across the borders of RSA ___________________________________ ___________________________________ ___________________________________ ___________________________________ POPI LEGISLATION AIMS TO BESTOW CERTAIN RIGHTS UPON THE INDIVIDUAL ___________________________________ INCLUDING CONTROL OVER: • WHE HEN and HO HOW one chooses to share personal information (requires consent) • The TYP YPE and EX EXTENT of information you choose to share ___________________________________ (must be collected for valid reasons) • TRANSPARENCY and ACC CCOUNTABILITY Y on how data will be used (limited to the purpose) ___________________________________ • Gaining ACC CCESS to one’s OWN INF INFORMATION & the right to have data removed or destroyed ___________________________________ ___________________________________ ___________________________________ PERSONAL INFORMATION ___________________________________ • Contact details: email, telephone, address etc. Personal • Demographic information: age, sex, race, birth date, ethnicity ___________________________________ broadly means • History : employment, financial, educational, criminal, medical any information • Biometric information: blood type etc. relating to an identifiable, living, • Opinions of and about the person ___________________________________ natural person or • Private correspondence juristic person (companies, CC’s NB: Some e personal onal informa rmation on, on its s own does not reve eveal al etc.) and includes, someone’s identity. Eg Eg. A name e ___________________________________ but is not limited A U UNIQUE UE IDENTIFI FIER ER reveals als the iden entity y of a person on. . Eg Eg. ID to: Numbe ber or Name & C Conta tact ct Numbe ber r ___________________________________ ___________________________________ ___________________________________ Adv. Mabel Slabbert (c) UNAUTHORISED REDISTRIBUTION OF THIS MATERIAL IS PUNISHABLE BE LAW.
___________________________________ ___________________________________ ___________________________________ ___________________________________ ___________________________________ ___________________________________ ___________________________________ KEY TERMS DEFINED ___________________________________ SPECIAL • Religious or philosophical beliefs PERSONAL • Race or ethnic origin ___________________________________ INFORMATION • Trade Union Membership • Political persuasion ___________________________________ • Health or Sex life (including HIV status.) • Criminal behaviour/records/history • Biometric Information : ___________________________________ • Personal information of subject’s children ___________________________________ ___________________________________ ___________________________________ ___________________________________ KEY TERMS DEFINED: • Collection PROCESSING • Usage ___________________________________ • Storage • Dissemination ___________________________________ • Modification • Destruction ___________________________________ (whether such processing is automated or not.) ___________________________________ ___________________________________ ___________________________________ Adv. Mabel Slabbert (c) UNAUTHORISED REDISTRIBUTION OF THIS MATERIAL IS PUNISHABLE BE LAW.
___________________________________ KEY TERMS DEFINED ROLE PLAYERS • DATA SUBJECTS : natural persons, or entities such as companies, ___________________________________ communities or other legally recognized organisations with the right to protections of Personal Information • RESPONSIBLE PARTY: company or organization entrusted and liable to protect ___________________________________ Private Information • INFORMATION REGULATOR: a regulating authority set up by the government to ensure compliance to POPI ___________________________________ Central Offices will be in Gauteng. Chaired by: Adv Tlakula, Mr Weapond, Adv Stroom, Prof Pistorius and Mr Snail ___________________________________ ___________________________________ ___________________________________ ___________________________________ DOES POPI REALLY APPLY TO ME? YOU ARE A RESPONSIBLE PARTY UNDER THE POPI ACT IF YOU ARE A ___________________________________ PUBLIC OR PRIVATE BODY OR ANY OTHER PERSON WHICH, ALONE OR IN CONJUNCTION WITH OTHERS, DETERMINES THE PURPOSE OF & MEANS FOR PROCESSING PERSONAL INFORMATION. ___________________________________ There are cases where POPI does not apply. Exclusions include: • purely household or personal activity • sufficiently de-identified information • some state functions including criminal prosecutions, national security etc. ___________________________________ • journalism under a code of ethics • judiciary functions etc. ___________________________________ ___________________________________ ___________________________________ ___________________________________ RESPONSIBLE PARTY VS. OPERATOR It’s important to know whether you are regraded as an ‘operator‘ or ‘responsible ___________________________________ party ’. Both have certain obligations but the responsible party has a much broader responsibility. To determine if you are an operator, you can ask yourself whether you: ___________________________________ 1. Process the data solely in the interest of and on behalf of another, 2. Do so only according to their instructions , but without coming under their direct authority, 3. In terms of a written contract, 4. Would dispose of the data after the arrangement ends, 5. Are merely a service provider , and ___________________________________ 6. Do not use the data for any of your own purposes If all the above are true, you are probably an operator – if not, you are a responsible party. ___________________________________ ___________________________________ ___________________________________ Adv. Mabel Slabbert (c) UNAUTHORISED REDISTRIBUTION OF THIS MATERIAL IS PUNISHABLE BE LAW.
Recommend
More recommend
