POPI regulations: open for comment



These materials are provided for general information purposes only and do not constitute legal or other professional advice. While every effort is made to update the information regularly and to offer the most current, correct and accurate information, we accept no liability or responsibility whatsoever if any information is, for whatever reason, incorrect, inaccurate or dated. We accept no responsibility for any loss or damage, whether direct, indirect or consequential, which may arise from access to or reliance on the information contained herein.

© Copyright Webber Wentzel. All Rights reserved.

Further to our last e-alert (available here) on POPI (or POPIA, as it is now referred to by the Information Regulator), the Information Regulator has now issued draft regulations (click here and here) for public comment

While the draft regulations are primarily procedural in nature, key points include:

  • Consent to direct marketing: POPI prohibits the processing of personal information for the purposes of direct marketing by unsolicited electronic communications, save to an existing customer (in limited cases) or with consent. Valid consent will need to be provided in a form ​​​which "corresponds substantially" with the prescribed form. It appears to require written consent, signature and submission by post, fax, or email. Standard click-to-accept consent might not be adequate.
  • Information officer: the duties and responsibilities of the information officer have now been crystallised. There is a clear focus on compliance and the requirement for a new information manual.
  • Industry code of conduct: the regulations provides for any private or public body which, in the opinion of the Information Regulator, is "sufficiently representative" of any industry, to apply for an industry-wide code of conduct. We anticipate that many industries may seek to regulate industry-specific issues in this way.
  • Health information: the Information Regulator is also considering more detailed rules governing when it is "necessary" for health information to be processed, and is inviting comments and input. This will be of particular interest to the following:
    • insurance companies, medical schemes, medical scheme administrators and managed healthcare organisations; and
    • administrative bodies, pension funds, employers or institutions working for them.

The draft regulations are open for comment until 7 November 2017. ​​

Webber Wentzel > News > POPI regulations: open for comment
Johannesburg +27 (0) 11 530 5000
Cape Town +27 (0) 21 431 7000
Validating email against database, please wait...
Validating email: please wait...
Email verified: Please click the confirmation link sent to your mailbox, also check junk/spam folder. If you no longer have access to this email address or haven't received the verification email then email communications@webberwentzel.info
Email verified: You are being redirected to manage your subscription
Email could not be verified: Please wait while you are redirected to the Subscription Form
Unanticipated error: Saving your CRM information Subscription Form