What happens when there is an overlap between laws (like POPI and other laws)? Which one prevails? Each industry has its own laws, rules, codes and standards that set out the regulatory requirements for issues such as privacy, confidentiality, consent and security. The trouble is that many of these overlap and stipulate varying levels of protection. You are left looking at all of them, but not knowing which one you should follow. How do you know which one you should follow and which one offers your data subjects the most protection?
What happens when there is an overlap between laws?
If there is an inconsistency between POPI and another law, POPI applies or prevails. However, if another law gives the data subject greater protection, the other law will prevail. This means that it might not be POPI that you have to comply with, but rather some other law. Any compliance program starts with knowing what the regulatory requirement is.
If another law gives the data subject greater protection, the other law will prevail
Let’s look at an example in the healthcare industry. POPI does not require a healthcare provider to get consent from a patient, but the National Health Act does require consent in certain circumstances. The National Health Act applies and not POPI.
Another example in the marketing industry is consent to send direct marketing by SMS. POPI, the Consumer Protection Act and the WASPA Code of Conduct are all relevant. To know what to do, you need to consider all three.
Another example that affects all industries is record retention. What happens when POPI requires you to destroy a record, but another law requires you to retain it?
How can we help you?
We will identify other laws that are applicable to you and we will provide you with a matrix of the overlap between POPI and other laws, rules, codes and standards in your specific industry. This will help you see which law, rule, code or standard provides your data subjects with the most protection. We have related experience in the following industries: Healthcare, Telecommunications, Media, Marketing, Pension Funds, Insurance, Financial Services, and Alcohol and Liquor. We have also looked at the overlap between laws regards the plain and understandable language requirement.