For your body corporate trustees or home owners association directors.
1 July has come and gone and there has been no invasion by officials from the Information Regulator’s office knocking down the doors of businesses with the aim of issuing fines of millions of rands.
Does this mean there is no POPIA? No, POPIA is in force and, looking at the many businesses that have reviewed their way of doing things to ensure the best protection of the data that they keep, the Act has had a good start.
Is that all there is to it then? Yes and no. In essence the Act merely requires of organisations and businesses to be accountable for the personal data of others that they process. A simple task on the face of it, but when one looks deeper into it, it requires a lot of thinking, planning and patience to achieve and maintain.
Trustees of sectional title body corporates and directors of home owners’ associations may find compliance challenging, as they often have a small(er) role to play in the daily management of schemes (and related processing of data), this function often left to a managing agent. As the law reads now, the trustees or directors may not simply stand back and must obtain assurance that the managing agent will always deal with their respective organisations’ data reliably, as required in POPIA. .
Trustees and directors have been targeted by a lot of hyped media about the consequences of not having lists of policies and (often superfluous) consents filed away. Our answer: Relax, and get proper guidance.
Let STBB assist your residential, commercial or mixed-use scheme to engage with POPIA sensibly, as the Act requires. Remember, there is no “I am done” tick box here. POPIA requires of organisations to adapt from time to time, to respond to real risks that may emerge relating to unauthorized access to data, improper use of data or to data compromises.
Contact STBB for sound assistance.