Legal updates and opinions
News / News
POPIA, Employment Contracts and Policies and Procedures
by Ahmore Burger-Smidt, Director and Head of the Data Privacy Practice; Jacques van Wyk, Director, Labour & Employment Practice; and Bradley Workman-Davies, Director, Labour & Employment Practice
With effect of 1 July 2020 a number of material provisions of the Protection of Personal Information Act 2013 (“POPIA”) will come into operation. As more fully detailed in a recent Werksmans’ Update, a number of these provisions impose substantive obligations on businesses (including employers) regarding the processing of personal information.
Positive obligations are placed on employers to, among others, ensure that they comply with the provisions of POPIA regarding the processing of their employees’, customers’ and service providers’ information. It is also important that their employees are equally aware of, and comply with, these obligations when processing any such information on behalf of the employer.
Employers will have 12 months, from 1 July 2020, to ensure that such measures are in place.
It is important that adequate provisions be inserted into contracts of employment and that workplace policies and procedures are implemented to ensure compliance with POPIA. These should include:
(a) The designation of an information officer;
(b) Procedures ensuring information is processed in a lawful manner;
(c) Ensuring that the processing of personal information is done in accordance with the eight conditions provided for in the legislation;
(d) Obtaining consent from employees for the processing of their personal information;
(e) Providing training and information to human resources practitioners as well as employees in order to ensure that information is processed lawfully and that employees, as ‘data subject’s , are aware of their rights;
(f) Putting in place measures to ensure the processing of ‘special personal information’ is lawful;Dealing with any cross-border processing of information; and
(g) Implementing procedures to address and deal with any complaints from, among others, employees regarding the processing of their personal information;
We are able to assist with preparation and/or reviewing of abovementioned and to advise on all aspects of POPIA.
Latest News
The Concept of “Need” in South Africa’s Healthcare Framework: From Certificates of Need to National Health Insurance Accreditation
by Neil Kirby, Director and Head of Healthcare & Life Sciences and Vhutshilo Muambadzi, Candidate Attorney On 18 May 2026, the [...]
The Chief Restructuring Officer in South Africa in 2026: A real option for the turnaround of distressed entities
by Eric Levenstein, Head of Insolvency and Business Rescue As South African companies continue to suffer from an ailing economy, [...]
Business rescue recapitalisations upheld: the legal and commercial significance of White Rivers Exploration v Polsun
by Jonathan Stockwell, Director, Amy Mackechnie, Senior Associate and Clio Patricios, Candidate Attorney The Gauteng High Court, Johannesburg, has delivered [...]
Leave to Appeal Refused, but Questions Remain: The Matric Results Privacy Dispute and the Meaning of Personal Information under POPIA
by: Armand Swart, Director and Isabella Keeves, Candidate Attorney On 3 June 2026, the Gauteng High Court refused the Information [...]
Mind the Conduct: A Guide to COFI – Part 3: Consumer Protection and Transparency
by Hilah Laskov, Director Introduction In this article series, we take a deep dive into the South African Conduct of [...]
Cryptocurrency is money and capital for exchange-control purposes
by Azraa Sidat, Candidate Attorney, reviewed by Janice Geel, Associate and Natalie Scott, Director and Head of Sustainability 1. Introduction [...]
