Compliance to the Protection of Personal Information Act (POPIA), also known as the POPI Act, will be mandatory for most organisations in South Africa.  As the Information Regulator develops the POPI Regulations further, so the dates and requirments will become clearer.  See the latest status from the Information Regulator.  This doesn't mean that organisations should wait until then.  The European Union has developed the General Data Protection Regulations (GDPR) and are in the process of implementation.  The Information Regulator is likely to follow similar principles and regulations. Until the POPI Act and Regulations are fully in place, following the GDPR will get you moving in the right direction.

Whilst the focus of the POPI Act is on compliance, our approach is to implement compliance in such a way that it delivers business value, so that it doesn't become a cost centre, or overhead, but rather allows for improvements in efficiencies and effectiveness, done in such a way as to meet the compliance requirements.

The site contains useful guidance and implementation tools to equip you to be POPI Act compliant.  It will evolve over time as the Regulations are published.  It will contain information about:

This site is proudly sponsored by COR Concepts, an Information Management company.

If you need any further information regarding the POPI Act, and simple steps to compliance, sign-up to our e-mail newsletter. 

The information published on this website is provided for general purposes only and does not constitute legal advice. We make every effort to ensure that the content is up to date and accurate. Please consult with a lawyer for legal advice. During our implementation we can engage with privacy lawyers on your behalf. We accept no responsibility for any loss or damage, whether direct or consequential, which may arise from reliance on the information contained in these pages.

Join our mailing list to  keep up to date with latest POPIA developments.