Financial Data
Updated 29 Feb 2020


3 Things you should know about POPI

The three most important things businesses should know about the Protection of Personal Information Act.


Nicolene Schoeman-Louw, Entrepreneur, 30 March 2014  Share  0 comments  Print


All the answers to your unique business lifestage questions

The protection of personal information Act or POPI is aimed at regulating the use of and the safeguarding of personal information.

It is a simple fact that every business in some way or form stores personal information, whether it be employment records for staff or client information needed to open an account. In some instances even suppliers are vetted by way of investigating certain types of personal information.

It is thus, a set of regulations that every business must consider seriously, become complaint before November 2014 and by so doing save themselves from a potential a R10 million fine or ten years imprisonment.

What should businesses know now?

 1. What is personal information?

Personal information is any information which includes a person’s name (including a juristic person such as a company), contact details, religion, sexual orientation, personal views, private correspondence, health records, employment records, financial records, etc.

2. Lawful processing of information

In this context processing means any activity or operation relating to personal information of a data subject (natural or juristic person). Businesses must ensure that processing is done in a lawful manner, which means:

  • Ensuring compliance with POPI
  • Processing information in a reasonable manner not unlawfully infringing on the right to privacy;
  • Purpose of collection of the information must be both lawful and related to a lawful function or activity;
  • The information collected must be comparable with the purpose of its collection;
  • The information provided must accurate, complete, updated and not misleading;
  • The person to whom the information belongs must be aware of all matters pertaining to the information;
  • Take certain steps to ensure that the integrity of the personal information is protected and not lost, destroyed or unlawfully acquired;
  • The person whose information is being held may question any aspect of the information.

3. Policy Regulation

Policies regulating collection, storage of information and its release should be drafted for every business. Businesses should assess the degree to which they are processing personal information, whether it is necessary and if so, to put measures in place so as to guide all team members and ensure compliance.

Entrepreneur Mag Logo

Copyright is owned by Entrepreneur Media SA and/or Entrepreneur Media Inc.
All rights reserved. Click here to read our editorial disclaimer.

Rate It12345rating

About the author


Nicolene Schoeman-Louw, Entrepreneur


Introducing the theft & fidelity protection for your business

Theft and fidelity cover are often confused with each other. Bryan Verpoort discusses the difference between the two and why your business should be putting measures in place for both of these risks.

Login to comment