COMPLYING WITH THE LEGAL REQUIREMENTS FOR THE PROTECTION OF PERSONAL INFORMATION
The Protection of Personal Information Act requires all public and private bodies to ensure that how they use personal information is lawful, that there are systems in place for the protection of personal information, and there are processes for handling requests from the Information Regulator and individuals (i.e. data subjects).
The Protection of Personal Information Act requires that responsible parties ensure that any processing of personal information conforms to all eight conditions for the lawful processing of personal information. The processing of human resources (HR) information of job applicants and employees are areas of high-risk.
Privacy is a human right, protected by the South African Constitution. Individuals whose personal data is misused may feel particularly aggrieved that there has been an interference with their individual right to privacy, request the Information Regulator to take action and seek compensation.
Just because you can do something doesn’t make it legal. Obtaining consent from employees, most often, is pointless.
Participants will obtain an understanding of legislative requirements for the processing of personal Information that apply to human resource management.
On completion of this 2 day seminar, participants will be able to:
- Demonstrate an understanding of the impact of the Protection of Personal Information Act on the processing of HR information
- Communicate the impact of POPI on HR
- Prepare a road map for the protection of personal information in the HR
- Articulate the HR activities that require attention as a result of the Protection of Personal Information Act
- Clarify responsibilities of HR personnel involved in the processing of personal information function
- Develop a privacy impact assessment for HR information
- Perform a risk assessment for HR data.
Participants will learn through discussion and practical examples how to prepare for and address the organisational, procedural, technical and legal obligations for processing human resources information in conformance with the protection of POPI Act
This seminar includes topics about:
- Why the protection of personal information is important for human resource management
- The key components of the Protection of Personal Information Act
- Accountability for the processing of personal information
- Conditions for lawful processing of personal information
- Identifying personal information and special personal information processed within HR
- The impact of the POPI Act on the terms and conditions of employment
- Good privacy practices of the HR function
- Common HR practices that do not comply with the Protection of Personal Information Act
- Restricting HR personnel’s access to personal data
- Risks from photocopying, faxes, and emails
- Securing employee information in the office, when being transported and processed at employee’s homes
- Keeping only what is allowed
- Risks from using social media
- The requirements for exchanging personal information
- Staff data portability
- Sharing employee data within a Group of companies
- The cost of assurance.