You have a legal obligation to protect your employees' data and personal information. This is according to the Protection of Personal Information Act, or POPI. If you don't, you could spend 10 years in jail or pay a R10 million fine!
We're still waiting for the President to confirm the effective date, but once it's confirmed, you'll only have a year to make sure you're complying...
But, before we look at what you have to do, let's see what POPI actually is...
What is POPI?
POPI is the Protection of Personal Information Act. It's officially law, but Government still needs to publish an effective date. The moment it does, you and your company will have one year – three if the Minister extends it – to make sure you're compliant.
Depending on the size of your company, the sooner you start the better. A year and perhaps even three might not be enough time.
If you don't comply, you could receive a fine of up to R10 million and a possible prison sentence. Your company could also face civil actions.
Keep reading to find out how to protect the information…
You must protect your employees' data and personal information according to POPI
As the employer and HR manager, you need to make sure you process your employees' personal information in a way that restricts access to it. Only you and/or senior managers can have access to personal information.
If by any chance the employee's personal data is leaked and it lands in the wrong hands, you could face a fine of up to R10 million or a prison sentence.
But our team of HR experts has created a tool that will help you comply with the requirements of the POPI Act.
Six ways to protect employee information
1. Have Information Security policies in your company. Make sure all employees know about them and get them to agree to follow them in writing.
2. Use an audit trail to protect the data you collect.
For example, use a computer system with electronic footprint tracking. This way you can track if someone views employee information, when and how.
3. To stop employees accessing information, set limits on it.
For example, use passwords for electronic documents.
4. Only your employee and his supervisor, or anyone else you authorise, must have access to his data. For example, HR, payroll, etc.
5. Control and monitor who has access to HR offices, electronic sites and personnel files.
6. Dishonest or aggrieved employees often cause security breaches.
So be careful when you give security clearance levels to your employees. Check to make sure their security clearance is still valid.
There are another seven ways you can protect employee information, and the Labour Law for Managers Handbook covers them.
If you don't secure your employee data someone could steal it, or illegally modify it. If this happens, you could land up in prison or pay a hefty fine.
Make sure you protect employee personal information!