Address: 8 Houlton Drive, Palm Beach, 4275, KwaZulu-Natal, South Africa | Tel: 031 702 0449 | Fax: 086 605 2670

POPI legislation aims to promote the protection of personal information

First gazetted in November 2013 POPI legislation aims to promote the protection of personal information and the way in which public and private bodies handle and manage personal information. Due to the development of technology around the world, a person’s personal information has become somewhat of a commodity, which others can manipulate in ways that threaten the safety of many individuals. As the worldwide web grew and access to technology became imminently available by a large proportion of the world’s inhabitants, so too was an opportunity created for a person to be manipulated or corrupted by others who have been able to access this information.

Ways in which a person’s information must be protected are in the collection storage and distribution. Begin by planning for the future in line with the regulations which have been implemented and do not try to bite off more than you can chew. The Act is extensive and may require a professional or specialist in specific areas, to assist you. A good example of this is IT. When an employee leaves your employ, you will need to ensure that their personal information is correctly erased from your records. Not everyone knows this, but simply deleting a file or folder from your computer, will not be enough to erase the terminated individual’s information. Computer technology very cleverly ghosts information which has been stored on hard drives, which, if you know what to do, can be accessible after it has been deleted. It is therefore important to ensure that when laptops and pcs are decommissioned, so too is the hard drive. This means not simply tossing the computer away but rather ensuring that the information which had been stored on the computer is absolutely destroyed so that no one can access it.

Technology and those who live on the cusp of all new technological inventions are able to access information stored anywhere on an employee’s computer which is on a network, has access to the internet, or where information is stored on a cloud. Criminal minds make easy work of taking advantage of those who are not computer savvy and who are naive to the ways in which they can be manipulated into giving away their information. As an employer, you have the responsibility to ensure that you do not allow anyone who is not permitted access to the personal information of your employees, to threaten their right to protections. Threats can come from within your business just as easily from outside of your business whether it be intentionally or unintentionally, with malice and intent, or through a lack of awareness and education.

Being that when a person’s information is accessed, what can be don’t with that information is rather disturbing. One may not really believe the movies where a person’s identity is stolen resulting from their information being hacked and just how this can destroy a person’s life. Hackers not only will take your money out from underneath you while you stand helplessly by and watch, but they could also have the ability to completely ghost you in your life. Once a person has access to your ID number, this information can be used to re-create your life for another person for a vast range of undesirable reasons, political and criminal.