POPI and Healthcare 2017-12-07T07:00:42+00:00

POPI is likely to have a big impact on the healthcare and related sectors. It treats information about the health and well-being and the sex lives of individuals as especially sensitive, and lays down strict rules about how this information can be handled. At the same time, it has become much easier to lose, copy, steal, delete or misuse large databases of sensitive information than it was even a few years ago. The risks of reputational damage associated with data breaches are also higher than in the past. It is therefore very important for the healthcare and related sectors, including the individuals and operators that process health information, to understand the impact of POPI.

The people, companies and organisations that will have to assess their practices and policies for handling health-related information include doctors, dentists, nurses, pharmacists, psychologists, chiropractors and homeopaths (and other complementary health practitioners), students, GP practices, clinics, hospitals, medical aid schemes, pension funds, insurers, schools, training institutions, certain government agencies (such as social services and prisons), research facilities, policymakers and employers.

POPI will also affect anyone who collects, stores, reads, communicates, administers, analyses or in any other way handles personal medical information on behalf of the health and related sectors, including employees (secretaries, assistants, technicians), database administrators, and certain other specialised service providers (including those in ‘the cloud’) and operators such as loyalty scheme providers.

POPI may impact your organisation in surprising ways.

We offer a presentation, seminar, workshop, or executive briefing on this topic by an expert with practical experience. We also offer an eCourse on request.

Course material

We will provide attendees with:

  • a link to an electronic copy of our presentation,
  • our POPI Mapper – a tool to map activities,
  • a list of POPI Action Items so that the session translates into practical action, and
  • an audio recording of the event (private sessions only).

Who should attend and why?

  • Legal advisors (corporate lawyers or in-house lawyers) – to provide good legal advice on privacy issues
  • Compliance officers – to effectively comply with privacy laws
  • IT Governance officers and specialists – to govern ICT
  • Information officers – to balance access to information and protection of information
  • Auditors and assurance providers (internal and external) – to audit and provide assurance regards privacy
  • Risk Officers and Managers – to manage privacy risks
  • Directors (executive and non-executive, CEOs and FDs) – to discharge their legal duties and direct the course of the organisation, Especially directors of organisations whose business is the processing of personal information.

Public workshops

We will be running public workshops in Cape Town and Johannesburg later in 2017, but we have not yet set dates. If you’d like to attend this workshop, send us an email asking us to set a date. We limit delegate numbers, so bookings are done on a first come, first served basis. We aim to give practical insights that you can use to be effective. We do not give law lectures! We will refund you, if you do not think you received value.

Private workshops

In addition to our public workshops, we are able to provide private in-house workshops to you at your premises.


If you are interested, please complete the form on the right or enquire now. We will contact you to find out more about your requirements and give you a quote.

Who is the presenter?

practical attorney from Michalsons. We will ensure the attorney is the best person to present the course depending on the type of course, the date, the specific issues and the attendees. For example, Andrew Weeks usually presents on this topic. Andrew is a practical and internationally experienced commercial attorney, with specific expertise in the protection of health-related data and consumer protection law. He has good experience dealing with issues like open data, and the sharing and use of health data. He enjoys educating clients about the impact of data protection law on the healthcare sector.

How long is it?

We provide this course in different formats. Public and private sessions can last for anything from 45 minutes, half a day or a full day. We also provide eCourses that can be done via the Internet at your convenience. We welcome enquires for more information and details.


Our public workshops are at various venues around the country. We choose venues that are central so you can get to it easy, that have adequate parking, good food, and that ensure you are comfortable. We are happy to hold a private workshop at your venue.