What’s the deal with POPIA?

Published on 7th September, 2021 at 02:51 pm

Find out all you need to know about the new POPIA legislation, how organisations are expected to comply and how this protects you as a group risk benefits member.

1 July 2021 was the deadline for public and private bodies to ensure compliance with the Protection of Personal Information Act (often referred to as the POPI Act or POPIA).

POPIA is South Africa’s data privacy law, and it governs when and how organisations collect, use, store, delete and otherwise handle personal information.

What is considered personal information under POPIA?

Personal information is any information that can be used to personally identify a natural or juristic person (ie organisations). For example:

[IMAGE]

Who does POPIA apply to?

POPIA applies to all local and foreign organisations processing (ie collecting, using or otherwise handling) personal information in South Africa.

Your employer or fund, as a potential policyholder, is a jointly responsible party in relation to any personal information it provides to Sanlam (as the appointed insurer), so it’s important that your employer or fund ensures that personal information collected and shared (in respect of its employees/members, as ‘data subjects’), complies with the applicable data privacy laws – this includes the Protection of Personal Information Act No 4 of 2013.

What does POPIA mean to me as the employee or fund member?

As a Sanlam Group Risk benefits member (ie employee or fund member), you will benefit from POPIA’s requirements in that your personal information must be protected and only be collected or handled where there is a lawful justification for doing so.

But why is my personal information required?

Sanlam, as your insurer, may use personal information or obtain personal information for the following purposes:
• Underwriting and providing accurate and effective insurance cover and related value-added services;
• Member communication;
• Verification of the personal information provided;
• To comply with all legal and regulatory requirements, including applicable codes of conduct;
• To protect Sanlam’s interests; and
• Any purposes related to the above.

As a jointly responsible party, Sanlam will process and protect the personal information shared by your employer or fund, or the service provider appointed by your employer/fund, in accordance with the provisions of the applicable data privacy laws.

How long will Sanlam keep my personal information?

Personal information will only be held and used for as long as permitted for legal, regulatory, fraud prevention and legitimate business purposes.

In summary, POPIA regulates the flow of information in a secure and responsible manner balanced with other rights and constitutional values.

For more information, please refer Sanlam’s Group Privacy Notice.

As a Reality Access for Sanlam Group Risk member, you enjoy value-added benefits designed to make your life as easy as possible. Find out what your benefits are, here.