Wouldn't it be lovely if there were a comprehensive checklist that could help you comply with POPI or POPIA? Because the Protection of Personal Information (POPI) Act in South Africa is a principle-based law, it is not possible to [...]
The grace period for your organisation to comply with the Protection of Personal Information Act (POPI Act or POPIA) ended on 1 July 2021. Just so you know, you have to comply now. What action does your organisation need [...]
Are you looking for a POPI Act summary to help your POPI compliance process? It is a complex law that is difficult to summarise. It has a broad impact on many entities and industries. The impact is also different [...]
Many associations publish a code of conduct (CoC) to which their members must adhere. It is binding on their members and self-regulation in the public interest. There are often good reasons for drafting and publishing a code. Sometimes, it [...]
If you're searching for love, consent is critical. But when it comes to data protection, consent can be more like a complex dance that's anything but alluring. Navigating the intricate steps of 'Consent in Data Protection Law' can make [...]
As a member of the Michalsons data protection programme, you’ve conquered the mountain by raising awareness, planning your steps to protect personal information, and implementing those steps. Now you’re enjoying your mountain’s view and walking the scenic contour path [...]
Do you already have a PAIA manual or Access to Information manual? Are you wondering whether it is in-line with the latest laws and regulations in South Africa? Is your PAIA manual in-line with POPIA (Protection of Personal [...]
The POPI commencement date (or POPI effective date) is 1 July 2020. The President has proclaimed 1 July 2020 to be the date. It is important because a grace period of one year starts running from the commencement date [...]
The Information Regulator in South Africa published the first POPI regulations on 14 December 2018 (or POPIA regulations or POPI Act Regulations as some people call them). The regulations say that "These Regulations shall be called the Regulations relating [...]
In everyday language, a ‘one-stop shop’ is a business offering multiple services and the only place you need to fulfil your needs. A ‘one-stop shop’ means something else from a data protection perspective in the context of the GDPR, although [...]
This week, the UK Information Commissioner's Office (ICO) issued two intentions to fine organisations for breaches of the GDPR. It has not issued these GDPR fines yet, and both organisations still have an opportunity to respond to the intention with [...]
Do not try to protect all the personal information you process all of the time. You should only do what is reasonably practicable to protect personal information. This might sound strange coming from a lawyer who helps organisations to comply with [...]
