The key PoPIA provisions relating to the employment relationship are set out below. In order to comply with PoPIA, employers must:
Since PoPIA allows for a one-year transitional period, companies will need to be fully PoPIA compliant by 30 June 2021. It is essential for companies to work out any problems before this date to avoid the hefty penalties for non-compliance, such as imprisonment of up to 10 years or administrative fines not exceeding R10 million. Compliance with PoPIA will also ensure that companies are able to avoid the reputational damage that follows a data breach.