POPI panic is taking hold as businesses rush to ensure that they comply with the POPI Act before the deadline of 1 July 2021.
Although the deadline is fast approaching, businesses can take steps to comply with the POPI Act, including the following:
Appoint an information officer – Businesses should appoint an information officer, who will have certain mandatory duties under the Act. If an information officer is not appointed, the head of the business will be the information officer, by default. The information officer must become familiar with its duties under the Act.
Develop POPI policies and procedures – Businesses should develop policies and procedures to determine activities in relation to the Act.
Review and assess existing agreements, policies and procedures – Once POPI policies and procedures have been developed, businesses should consider all other agreements, policies and procedures against the POPI framework and attend to necessary amendments to ensure compliance within the various business functions.
Implementation – POPI policies and procedures must implemented in order to achieve compliance. Policies and procedures must be monitored and, when necessary amended.
Educate – Businesses should ensure that staff are property trained as to their duties in relation to the Act.
Failure to comply with the Act can result in fines, imprisonment and reputational damage, which may be impossible to recover from. Businesses should therefore prioritise compliance.