What happens when there is an overlap between POPIA and other laws? Which one prevails? What does your organisation need to comply with? Each industry has its own laws, rules, codes and standards that set out the regulatory requirements for issues such as privacy, confidentiality, consent and security. The trouble is that many of these overlap and stipulate varying levels of protection. You are left looking at all of them, but not knowing which one you should follow. How do you know which one you should follow and which one offers your data subjects the most protection? It is crucial that you know which law, rule, code or standard you need to comply with.
What happens when there is an overlap between laws?
If there is an inconsistency between POPIA and another law, POPIA applies or prevails. However, if another law gives the data subject greater protection, the other law will prevail. This means that it might not be POPIA that you have to comply with, but rather some other law. Any compliance program starts with knowing what the regulatory requirement is.
Let’s look at some examples.
- In the healthcare industry, POPIA does not require a healthcare provider to get consent from a patient, but the National Health Act does require consent in certain circumstances. The National Health Act applies and not POPIA.
- In the marketing industry, an example is consent to send direct marketing by SMS. POPIA, the Consumer Protection Act and the WASPA Code of Conduct are all relevant. To know what to do, you need to consider all three.
- Another example that affects all industries is record retention. What happens when POPIA requires you to destroy a record, but another law requires you to retain it?
How can we help you?
Know what regulatory requirement you need to comply with by asking Michalsons to identify the other laws that are applicable to your organisation and provide you with a matrix of the overlap between POPI and other laws, rules, codes and standards in your specific industry. This will help you see which law, rule, code or standard provides your data subjects with the most protection. We have related experience in the following industries: Healthcare, Telecommunications, Media, Marketing, Pension Funds, Insurance, Financial Services, and Alcohol and Liquor.
We have also looked at the overlap between laws regarding the plain and understandable language requirement.
Interested?
If you are interested, please complete the form on the right or enquire now. We will contact you to find out more about your requirements and give you a quote.