POPIA (the Protection of Personal Information Act) was enacted in November 2013 and came into effect on 1 July 2020. Entities were given one year from the commencement date to become compliant, namely until 1 July 2021.

The purpose of POPIA is, in short, to give effect to the constitutional right to privacy while balancing it against the right of access to information. Information has never been more readily available than it is today. While this has led to advancements across all sectors and the creation of the global village, it has also raised questions as to what information should be accessible - how, why, and by whom. Internationally great strides have been made to protect personal information with legislation rising to meet the demands of lives and businesses which are increasingly lived online.

Moving forward, the protection of personal information will be a requirement for conducting business both locally and internationally. With the advent of POPIA, South Africa has finally caught up with the advancements in international law and, with it, has kept its position as a player on the global stage. All in all, POPIA is not to be feared, but to be embraced as the new normal. It is, quite literally, the way of the future and it will be crucial to incorporate into standard business practices for client and consumer trust.

While the penalties of non-compliance with POPIA are strict, the requirements are reasonable and proportionate when one considers the vast swathes of personal information possessed and processed by individuals and companies alike. POPIA compliance is necessary, achievable and desirable.

Shepstone & Wylie has welcomed the recent developments and has created a department to specifically cater for the provisions of POPIA and its ongoing implementation.

If you have any queries relating to POPIA compliance, Shepstone & Wylie is here to help. Protection of Personal Information - Shepstone & Wylie