The Regulations relating to the Protection of Personal Information Act require responsible parties to make use of a compliance framework to implement and monitoring technical and organisational measures and adequate standardsin order to comply with the conditions for the lawful processing of personal information. The Regulations specify that information officers must ensure that this frameowrk is developed.

Read more ...

Section 17 of the Protection of Personal Information Act requires that all responsible parties must maintain the documentation of all processing operations under their responsibility as referred to in section 14 or 51 of the Promotion of Access to Information Act. The purpose of this requirement is responsible parties to be transparent about their processing of personal information.

Read more ...

Consent is not the easy option for a legal basis to process personal information as the conditions that must be met for a person's consent to be valid are onerous.

For consent to be valid it needs to be "informed consent". Prior to asking for consent, the data subjects need to be informed about the purpose for requesting consent.The data subject must also be told that they have the right to object to granting consent and that they may withdraw consent at any time.

Consent is not the easy option for a legal basis to process personal information as the conditions that must be met for a person's consent to be valid are onerous.

For consent to be valid it needs to be "informed consent". Prior to asking for consent, the data subjects needs to be informed about the purpose for requesting consent.The data subject must also be told that they have the right to object to granting consent and may withdraw consent at any time.

Read more ...

An information officer must ensure that awareness sessions are conducted regarding the provisions of the Act, regulations made in terms of the Act, codes of conduct, or information obtained from the Regulator. 

Read more ...

The Protection of Personal Information Act requires responsible parties to maintain the documentation of processing operations under their responsibility which processes the records described in section 14 or 51 of the Promotion of Access to Information Act. 

Read more ...