Enforcement for South Africa’s Protection of Personal Information Act (POPIA) will begin on July 1, 2021, and OneTrust can help you get ready. With just a few months left to get your privacy program compliant, organizations should consider how they will meet POPIA’s obligations.

Request a demo: Operationalize South Africa’s Privacy Law

POPIA: What You Need to Know

POPIA was signed into law in November 2013 and came into effect July 1, 2020, beginning a 12-month transition period. During that period the Information Regulator, the data protection authority provided by POPIA, was established and held its first meeting late in 2016. 

The act enshrines the right to privacy and makes provision for a range of data subjects rights, including the rights to notice of collection, to request the correction, destruction, or deletion of personal information, to object to direct marketing, to not be subject to automated processing, and to direct private right of action.

Key Terms in POPIA

POPIA uses slightly different terminology compared to many other data protection laws from around the world, the key definitions to note include: 

• Personal information: POPIA refers to a data subject’s “personal information”, compared to the GDPR’s “personally identifiable information.” POPIA’s personal information is broader and includes any personal data regarding a human individual or juristic person. This definition includes biometric information, employment history, personal correspondence, personal opinions, pregnancy, mental health, and the language of a person. 
• Responsible party: The body that decides the purpose and means for processing personal information of a data subject, this would be the equivalent to a controller under the GDPR.

• Operator: A body that processes personal information on behalf of the responsible party. This is equivalent to the GDPR’s definition of a processor.

Request a demo: Operationalize South Africa’s Privacy Law

How Can OneTrust Help You Get Ready for POPIA?

OneTrust can help organizations work towards their POPIA compliance and get ready before the July 1 enforcement deadline. OneTrust can help you get your privacy program ready for POPIA with:  

• Research & Readiness: Stay on top of the latest POPIA developments with research portals and prepare to report to your board with POPIA maturity & planning, and benchmarking tools.  

• Privacy Management Software: Operationalize and automate your POPIA requirements across opt-outs, consumer rights, and privacy governance operations.   
• Professional Services: Get support with planning and implementing POPIA with our implementation and validation services.   
• Global User Community: Network with industry peers on best POPIA implementation practices at free POPIAConnect workshops.

With just a few months before the POPIA enforcement deadline, request a demo to find out how OneTrust can support your compliance.

Follow OneTrust on LinkedIn, Twitter, or YouTube for the latest on POPIA compliance.