Last week the Information Regulator published the Guidelines for Information Officers and Deputy Information Officers. These guidelines include instructions on how to register your business’ Protection of Personal Information Act (POPIA) Information Officer with the Information Regulator. Registration starts from 1 May 2021 onwards.
The Guidance Note also provides more details regarding the responsibilities and liabilities (including possible criminal liability) of the Information Officer and who may fulfil this position. Notably, for non-government entities, the Information Officer must be an employee of the entity at an executive level or equivalent position at management level.
Many businesses are still postponing the inevitable need to obtain assistance with the implementation of their POPIA compliance. However, as the 1 July 2021 POPIA compliance date deadline looms, now is a good time to be chipping away at your business’ POPIA plans. This includes nominating and registering your POPIA Information Officer and investigating whether you may appoint deputies or third parties to assist, amongst other things.