The Protection of Personal Information Act (called the POPI Act or POPIA) brings an end to the uncertainty surrounding the processing of personal information. POPIA is essentially the South African Data Protection Bill or Data Protection Act.
Is there a Data Protection Act in South Africa?
The Protection of Personal Information Act, 2013 (Act 4 of 2013) (‘POPIA’) was promulgated into law on 26 November 2013, following the President’s signature. POPIA is wide in application and impact, subject to certain exclusions detailed therein, all persons processing personal information.
What is the legislation relating to data protection?
The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR). Everyone responsible for using personal data has to follow strict rules called ‘data protection principles’. They must make sure the information is: used fairly, lawfully and transparently.
What is the most recent legislation for data protection?
The GDPR is Europe’s new framework for data protection laws. It replaces the previous 1995 data protection directive. The new regulation started on 25 May 2018. It will be enforced by the Information Commissioner’s Office (ICO).
Who enforces data protection in South Africa?
Offences and penalties regarding data privacy in South Africa. The POPI Act established the Information Regulator, the supervisory authority (otherwise known as the body for South Africa). Part A of Chapter 5 of POPI has 17 sections (section 39-54), that relate to all aspects of this new body.
What are the principles of data protection act?
At a glance
- Lawfulness, fairness and transparency.
- Purpose limitation.
- Data minimisation.
- Storage limitation.
- Integrity and confidentiality (security)
What is the purpose of data protection act?
The Data Protection Act (DPA) is a United Kingdom Act of Parliament which was passed in 1988. It was developed to control how personal or customer information is used by organisations or government bodies. It protects people and lays down rules about how data about people can be used.
What is RA 10173 all about?
10173 or the Data Privacy Act of 2012 (DPA) “to protect the fundamental human right to privacy of communication while ensuring free flow of information to promote innovation and growth [and] the [State’s] inherent obligation to ensure that personal information in information and communications systems in government and …
What is difference between GDPR and Data Protection Act?
Whereas the Data Protection Act only pertains to information used to identify an individual or their personal details, GDPR broadens that scope to include online identification markers, location data, genetic information and more.
Is Data Protection Act 1998 still valid?
It was superseded by the Data Protection Act 2018 (DPA 2018) on 23 May 2018. The DPA 2018 supplements the EU General Data Protection Regulation (GDPR), which came into effect on 25 May 2018. The GDPR regulates the collection, storage, and use of personal data significantly more strictly.
Is GDPR training mandatory?
GDPR training is not optional!
Ensuring that your employees follow best practice in terms of defending the rights of data subjects is mandatory. GDPR training is a legal requirement. … Training employees and then testing them on an ongoing basis is an important part of that process”.