Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
Key principles To give people knowledge about
processing of their PI.
To provide a framework for organisationshandling information.
To protect against possible misuse of personal information.
When does POPI apply? Processing of PI (entered in a record) by
automated means, or non-automated means (in a
filing system)
Exceptions: Personal/household activities
De-identified PI
Terminology Personal information Processing Role players
POPI’s conditions in a nutshellObtain and process PI in accordance with the law
Use, disclose and keep PI for specified, explicit andlawful purposes
Keep PI safe and secure
Keep PI accurate, complete and up-to-date
POPI’s conditions in a nutshell (cont.)Ensure that PI is adequate, relevant and notexcessive
Retain PI for appropriate period
Give access to data subject, when requested
Specific issuesCross-border transfer of information
Direct marketing
Where to start?1. Who is in charge in your organisation?2. What steps do you take to ensure security?3. What PI is processed in your organisation?4. Who has access to the PI? Why?5. Policies, consent forms, notices and contracts6. Will you need to obtain authorisation?7. Do you send information across the border?8. Do you do direct marketing?