POPIA: Role of the Information Officer

Information Officers are those individuals who the head of a public body or CEO of a private body registers with the Information Regulator in terms of the Promotion of Access to Information act and the Protection of Personal Information Act as Information officers or Deputy Information officers.

The Protection of Personal Information Act requires that the heads of public bodies and CEO’s of private bodies register with the Information Regulator details of the postal and street address, phone and fax number and, if available, electronic mail address of their Information officers and any Deputy Information Officers so that data subjects and the Information Regulator may contact these individuals regarding access to information and compliance with the conditions for lawful processing of personal information set out in the Protection of Personal Information Act.

The purpose of this seminar is to assist Information Officers and Deputy Information Officers understand their role and responsibilities in terms the Promotion of Access to Information Act (PAIA) and the Protection of Personal Information Act.

It is the responsibility of the “Information Officer” to encourage the organisation’s responsible parties to process personal information lawfully and in a reasonable manner that does not infringe the constitutional rights of individuals to privacy. Processing of personal information must comply with the eight conditions imposed by the Protection of Personal Information Act.

 

SEMINAR OBJECTIVES

Participants will receive an overview of the POPI Act and obtain a specific understanding of the role and responsibilities of the “Information Officer”.

On completion of this seminar, participants will be able to:

  • Articulate the significance of the Protection of Personal Information Act
  • Demonstrate an understanding of the duties and responsibilities of information officers
  • Describe the role, responsibilities and legal obligations of the responsible parties.
  • Describe the roles and the responsibilities of the other parties concerned about the processing of personal information
  • Explain the conditions for the lawful processing of personal information
  • Communicate the conditions for lawful processing personal information contained therein.

 

SEMINAR OUTLINE

Participants will receive instruction about and discuss the role of an Information Officer, the requirements of the Promotion of Access to Information Act and the Protection of Personal Information Act. Participants will discuss practical examples of issues that an Information Officer is expected to deal with in the course of discharging his/her responsibilities.

This seminar includes topics about:

  • Registering Information Officers with the Information Regulator
  • The duties and responsibilities of the Information Officer
  • Designation and delegation to Deputy Information Officers
  • Implications of the Companies Act 2008 for Information Officers
  • How to differentiate between personal information, special personal information and other data
  • Important content of the PAIA manual
  • The preparations required prior to updating the PAIA information manual about the processing of personal information
  • PAIA manual exemptions
  • Availability of the PAIA manual
  • Guidance available from the Information Regulator
  • Documentation to be prepared prior to the processing of personal information
  • Processing details to be maintained in the PAIA manual
  • Records available in accordance with other legislation
  • The Conditions for the lawful processing of personal information
  • Implications of the Conditions for lawful processing of personal information for business activities
  • Assistance that can be expected from the Information Regulator
  • Working with the Information Regulator to conduct investigations
  • Dealing with requests from Data Subjects
  • Ensuring compliance with the provisions of the POPI Act
  • Handling requests for access to information
  • Receipt of complaints by information officers
  • Informing information officers prior to pre-investigation procedures
  • Requests to the Regulator by Information Officers to make an Assessment in the manner prescribed of whether the body complies with the provisions of the Act insofar as its policies and procedures are concerned
  • Information Notice served on an Information Officer
  • Enforcement Notice served on an Information Officer
  • Non-compliance with an Enforcement Notice by an information officer
  • Applications to Court regarding decisions of information officers
  • Examples from industry – local and international
  • An Action Plan for Information Officers