The Safety of Private Info Act (PoPIA) comes into full impact from 1 July 2021.
This date ought to come as no shock to anybody or any enterprise, as we have now all had a yr to return up to the mark. Nevertheless, in actuality many organisations are discovering themselves scrambling with lower than 80 days to go.
The authorized compliance panorama as an entire is difficult to return to grips with, which is the place Short-term Employment Service (TES) suppliers can provide help.
Making certain your TES supplier is PoPIA criticism will make a minimum of the staffing facet of the enterprise compliant, leaving companies to concentrate on different core areas that will should be urgently addressed.
Penalties for non-compliance
Companies have been struggling not solely with PoPIA, however authorized compliance typically.
The legislative panorama modifications always, and with out devoted sources to make sure compliance, companies could also be unaware that they’re in danger.
The fact although is that ignorance isn’t any excuse within the eyes of the regulation, so ought to companies be in breach they’re nonetheless responsible for the implications.
The penalties of non-compliance with PoPIA will be extreme, starting from fines as much as R10 million for severe offenses to jail time of 10 years.
Companies have to appoint an info officer tasked with compliance, who will probably be registered with the knowledge regulator. Ought to there be a compliance breach that must be investigated, the knowledge officer would be the go to individual.
They can even be the one who might doubtlessly face the implications ought to or not it’s proved that the breach resulted from lack of due effort, or from negligence on the a part of the enterprise. Ought to the corporate not have an info officer, then the CEO or MD will face the blame.
Recovering from Covid-19
Because the financial system begins its restoration after the Covid-19 lockdowns, companies have begun hiring once more.
What they should at all times keep in mind is that PoPIA is a broad-ranging laws, and it encompasses each factor of enterprise, together with staffing and hiring.
From recruiting candidates to the way in which info is dealt with, together with worker, provider and third-party information, and the IT techniques that course of it, all the pieces have to be PoPIA compliant.
Compliance just isn’t solely the massively publicised information breaches, it goes proper all the way down to submitting techniques, how paperwork is retained and destroyed, who has entry to it and extra.
PoPIA additionally requires companies to reveal what info is being gathered, for what goal, and the way it will likely be saved.
The definition of non-public info can be broad, together with signatures, medical historical past, ID quantity and even employment historical past.
In terms of staffing, this explicit space additionally incorporates quite a few different legal guidelines and authorized necessities, making it difficult for a lot of companies to familiarize yourself with.
TES may help
Outsourcing staffing to a TES supplier can help companies with their PoPIA compliance initiatives.
An skilled supplier may have a few years of trade information and expertise to attract on in addition to the related authorized groups and data officers to make sure compliance.
A compliant TES supplier will be certain that all insurance policies, practices and IT techniques adjust to all related authorized necessities, and can be certain that info is processed in accordance with the relevant laws.
Outsourcing the staffing and recruitment operate, and even a complete enterprise course of by way of Enterprise Course of Outsourcing (BPO), can be certain that one or a number of areas of a enterprise are PoPIA compliant.
This allows companies to show their focus to different areas that require consideration with the intention to guarantee compliance.
Finally, PoPIA compliance is a should for all companies of all sizes in all industries. Nevertheless, it needn’t be seen as a burden, as outsourcing some features, corresponding to staffing to a TES, can ease the pressure.
As well as, it can probably profit companies to make sure their processes are compliant, by making certain a extra streamlined method to information that may enhance enterprise effectivity.
As we method the deadline, companies have to take pressing steps to mitigate their threat of non-compliance, earlier than it’s too late.