The one-year grace period given to South African organisations to comply with the Protection of Personal Information Act (POPIA) will not be extended, advocate Tlakula, chairperson of the Information Regulator, confirmed last week. This means businesses must ensure that they comply with POPIA by 1 July 2021.
As a business owner, you are likely to have been inundated by fear-inducing media reports confirming that businesses that are not compliant by the due date, regardless of whether it is intentional or accidental, will face severe penalties. POPIA indeed makes provision for fines of up to R10 million and a jail sentence of up to 10 years, depending on the seriousness of the breach; but POPIA’s aim is not to punish but rather to establish good business governance principles with regards to the personal information that businesses deal with.
So, when planning your business’ POPIA compliance journey, keep the NIKE strapline in mind: Just Do It.
Contact Maryna Botha at marynab@stbb.co.za for effective assistance.
If you want to find out more about compliance, read the posts referred to in this STBB Thought of the Week.