For your body corporate trustees or homeowners association directors:
1 July has come and gone and there has been no invasion by officials from the Information Regulator’s office knocking down the doors of businesses with the aim of issuing fines of millions of rands.
Does this mean there is no POPIA? No, POPIA is in force and, looking at the many businesses that have reviewed their way of doing things to ensure the best protection of the data that they keep, the Act has had a good start.
Is that all there is to it then? Yes and no. In essence, the Act merely requires organisations and businesses to be accountable for the personal data of others that they process. A simple task on the face of it, but when one looks deeper into it, it requires a lot of thinking, planning, and patience to achieve and maintain.
Trustees of sectional title body corporates and directors of homeowners' associations may find compliance challenging, as they often have a small(er) role to play in the daily management of schemes (and the related processing of data), this function is often left to a managing agent. As the law reads now, the trustees or directors may not simply stand back and must obtain assurance that the managing agent will always deal with their respective organisations’ data reliably, as required in POPIA.
Trustees and directors have been targeted by a lot of hyped media about the consequences of not having lists of policies and (often superfluous) consents filed away. Our answer: relax and get proper guidance.
Let our professionals assist your residential, commercial, or mixed-use scheme to engage with POPIA sensibly, as the Act requires. Remember, there is no “I am done” tick box here. POPIA requires organisations to adapt from time to time, to respond to real risks that may emerge relating to unauthorized access to data, improper use of data, or to data compromises.
Contact our Labour Law Department on 041 363 6044 or info@kaplans.co.za for sound assistance.