It is the responsibility of the “Information Officer” to encourage their organisation’s responsible parties to process personal information lawfully and in a reasonable manner that does not infringe the constitutional rights of individuals to privacy. Information Officers need a sound understanding of the eight conditions for processing personal information and what is reasonable so that they are able to provide advice regarding compliance with the POPI Act.
The POPI Act requires head of public oldies and CEOs of private bodies to register with the Information Regulator their Information officers so that data subjects and the Information Regulator can contact, make requests and investigate the lawfulness of the processing of personal information.
Information Officers have specific statutory responsibilities which if not fulfilled have serious consequences, including the possibility of a jail sentence.
This 2 day course will assist Information Officers and Deputy Information Officers understand their role and responsibilities under the Promotion of Access to Information Act (PAIA), the POPI Act and other legislation.
At the conclusion of this course, delegates will be able to:
- Articulate the impact of the POPI Act on their organisation’s activities
- demonstrate an understanding of the duties and responsibilities of information officers
- Describe the role, responsibilities and legal obligations of information officers and responsible parties.
- Describe the roles and the responsibilities of the other parties concerned about the processing of personal information
- explain the conditions for the lawful processing of personal information
- Provide advice on complying with the eight conditions for the lawful processing personal information
Participants will learn through discussion and practical examples how to advise their CEO and responsible parties.
This seminar includes topics about:
- Registering Information Officers with the Information Regulator
- The duties and responsibilities of the Information Officer
- Designation and delegation to Deputy Information Officers
- Implications of the Companies Act 2008 for Information Officers and the possibility of Class action
- How to differentiate between personal information, special personal information and other data
- The content of the PAIA manual and why it is important
- The preparations required prior to updating the PAIA information manual about the processing of personal information
- Processing details to be maintained in the PAIA manual
- Documentation to be prepared prior to the processing of personal information
- The records that are to be available
- The conditions for the lawful processing of personal information and their impact on the processing of personal information for business activities.
- Working with the Information Regulator to conduct investigations
- Handling requests from data subjects
- Encouraging Compliance with the provisions of the POPI act
- Requests to the Regulator by Information Officers to make an Assessment
- Responding to Information and Enforcement notices
- Applications to Court regarding decisions of information officers.