How will the POPIA protect you?
The POPIA is here to protect consumers or “data subjects”, by giving them more control over their personal data – with the way it’s collected, shared, and used by businesses and organisations.
The POPIA will give data subjects rights regarding their personal information. It will have 8 minimum requirements necessary for the lawful processing of personal data and covers a broad definition of personal information to allow for wider data subject protection.
The rights included for data subjects under the POPIA include the right to be notified on when and how your data is being collected, the right to access the data, and the right to correct or erase data.
This participation by the data subjects is only 1 of the 8 minimum requirements, with others, including: Accountability, Processing Limitation, Information Quality, Openness, Purpose Specification, Further Processing Limitation, and Security Safeguards.
Security of data being the primary concern for businesses or organisations handling personal information, as it is their responsibility to ensure that data subject’s personal information is safe from data breaches, or that they have taken all possible measures to ensure the safety of the data.
As for the consequences for businesses or organisations that are not POPIA compliant, they can face lawsuits from data subjects that can carry hefty fines of up to R10 million and/or up-to 10 years in prison – not to mention the irreparable damage to their reputations.