POPI investigations have commenced, are you ready?

Share This Post

The Information Regulator is embarking on a “target-based compliance monitoring exercise” which appears to be targeting randomly selected organizations across the country. This inspection comes almost two years post POPI coming into full force and effect and is a mandated legislative function to be performed by the Information Regulator under section 40 (1)(b)(i) of POPIA.

 

Letters of inspection have already been issued to several organizations, of whom LabourNet is one. LabourNet Group has submitted all the necessary documentation within the instructed 5-day period as requested by the Information Regulator and await feedback on the outcome of our investigation.

 

The Information Regulator requested the following information from LabourNet, which we believe will form the core basis of the Information Regulator’s first rounds of investigations:

 

  • Proof of registration of any Deputy Information Officer(s)
  • Evidence of Staff Training
  • Privacy policy demonstrating compliance to the 8 conditions of lawful processing
  • Effective security safeguards in place to prevent the unlawful and unnecessary destruction of personal information
  • A comprehensive and sufficient Data Retention Policy

 

 

It is imperative that you are prepared and informed about what is expected from your Organisation, in order to prepare for the inevitability of investigations.

 

Should you receive such notice, we advise you contact your information Compliance Consultant immediately for assistance in guiding you through this process and if you are not already an Information Compliance client, contact your nearest branch for a quotation of our services.

More To Explore

POPIA
Information Compliance

Popping Candy and Cookies

Cookies and Pop rocks, remember how that would’ve got us excited back in the day! Although today’s article is not as sweet, the contents are still pretty saccharine.  We have

POPIA
Information Compliance

The Practical Side of POPIA

The Protection of Personal Information Act (“POPIA) has been in force for over 12 months. Organizations – private and public were given a one year grace period to become compliant.