As of 1 July, numerous emails have been received asking to opt in or out of receiving emails, whatsapp messages being sent asking you to agree to being part of the group and to not share any of the participants details without their consent and many more. Why are we being flooded with these types of messages? The Protection of Personal Information Act (“POPIA”) came into effect 1 July 2021. POPIA regulates how we use, store, and destroy personal information of individuals and juristic persons. The intention behind POPIA is to regulate the processing of personal information, detailing how this information will be handled.
It is important to understand what is considered as Personal Information, this is broadly defined as an information relating to an identifiable, living natural person or juristic person and may include the following:
- Primary details: Contact information, email addresses, telephone numbers etc
- Demographic Information: Race, Age, Gender, marital status etc
- Historic Information: Employment, financial, Educational, Medical, etc
- Biometric Information: Fingerprints, Blood type
- Identifying information: ID or Passport numbers
All of the above information is required in the Skills Development space especially for B-BBEE where learners personal information is required as evidence and all training providers require this information to be able to enrol learners on the NLRD(National Learner Record Database) through the SETA’s. Consulting firms like us who need to gather, process, record and archive this information must be POPIA compliant as we are handling this data on a daily basis. There are heavy penalties that will be imposed for non-compliance with POPIA, with fines up to R10 million and a maximum imprisonment sentence of up to 10 years. The following instances will be deemed as an offence:
- Where information is obtained without consent from the data subject
- Where information is shared, accessed or processed by an unauthorised third party
- Reasonable harm and distress is caused to the data subject
- The responsible party fails to implement reasonable steps to prevent the information from being accessed by an unauthorised party
All training providers, B-BBEE consulting firms, Skills development consulting companies who all operate within the training environment need to ensure they comply to avoid these penalties.
We are fully POPIA compliant, refer to our Legal page {Insert link to legal page} on our website where all our POPIA compliance notices and manuals can be found.