Course Name
DL19 - Protection Of Personal Information Act, POPIA & PAIA
Course Description

The Protection of Personal Information Act (POPIA) was promulgated on 26 November 2013, being effective for a few years now. There are no excuse from companies not to comply! Non-compliance with POPIA and PAIA regulations can lead to criminal and civil fines against companies, the Head of the organisation and ultimately complaints to the Regulator. Although the fines are hefty, the reputational and ethical damage suffered through privacy breaches within an organisation, may be incalculable!

This three hour session aims to simplify the Act to make it practically applicable to your business and demistify the duties of the Information Officer and concepts such as the impact assessment, compliance framework and much more.

Approach

Labour Smart has developed various training sessions, which can be presented online or face to face (we call it distance learning courses), to accommodate Responsible parties on their road to compliance. The courses are practical and highly interactive and designed to solicit interaction from the delegates. This approach stimulates change in thinking and practice and will provide delegates with a safe environment to test ideas, knowledge and practices. The delegate will be supplied with a workbook, inclusive of regulations or codes of good practices. In line with our commitment to the environment we supply our products and material electronically and all delegates will receive all the relevant information electronically.

Outlines for our POPIA and PAIA Courses

1. Our awareness POPIA and PAIA courses are either a full day course or half day (depending on the need of the client for an overview or more in-depth training) and are presented online as distance training or face to face.
2. Our half day POPIA and PAIA courses for management consist of either distance learning or face to face training. This includes the duties of the Information officer, the deputy information officer, the development and implementation of the compliance framework and risk analysis.
3. One-hour sessions are presented for Boards and senior management on the critical elements of compliance and the duties of the Information Officer.

Duration
half day
Cost
R950.00

Login or Register

Module 1 : The Act

  • The need for personal data protection laws in South Africa and prevailing international trends
  • GDPR and how it affects South African companies
  • The Purpose of POPIA
  • The Purpose of PAIA and the synergy between the two pieces of legislation
  • Discussion on definitions

Module 2 : General Conditions

  • What is lawful processing?
  • The 8 Conditions for Lawful Processing of Personal Information
  • The rights of the Data Subject
  • What is required to give informed, specific and voluntary consent
  • What is the right to be forgotten?
  • Is POPIA mainly an IT function? The role of IT, finance and risk and compliance departments?
  • Cookies and privacy – what can, or must we put on our website?
  • Privacy by design

Module 3 : Specific Conditions

  • Special personal information and information relating to children
  • What does organisational and technical measures mean in terms of condition 7?
  • The Information officer and Deputy information officer – role and duties
  • Relationship between POPIA and other legislation such as PAIA and consumer protection?
  • Specific Human Resources conditions for Lawful Processing of Personal Information
    • Recruitment
    • Video recordings
    • Credit and criminal checks
    • Access control

Module 4 : Enforcement & Penalties, Regulations

  • Enforcement, Penalties, Offences and Measures to give effect to the Protection of Personal Information Act
  • The Regulations
  • Who is the Regulator and what is her function and duties?

Module 5 : Practical implications

  • What is a gap analysis or preliminary impact assessment?
  • The role of awareness training
  • Where to start with implementation – roadmap, planning and risk analysis
  • Control measures, risk management on privacy
  • How does privacy affect the average employee?
  • Case law on privacy protection – development of SA law on privacy

Module 6 : PAIA

  • PAIA – summary on duties on PAIA
  • State duties v personal organisation duties and information
  • How to deal with a request for disclosure of information
  • Record keeping and reporting to the Regulator