Here are the eight guidelines to legally process your employees' personal information:
1) Make sure someone is responsible and captures information in line with the Protection of Personal information Act.
2) Keep in mind that you have to only process the information if it's suitable, relevant and not excessive for the reasons of the processing. The employee must agree to it and can object to the processing at any time.
Here's an example to make this clearer:
This would, for instance, include the following personal information: name, identity number and banking details of your employees in order to pay their salaries. It's information you need and it isn't excessive for the reason you're asking for it.
*********** Recommended For You ***************
At the end of 2014, the Minister of Labour made over 70 crucial changes to the three Acts that govern your employees
And introduced hundreds of new ways to set your company up for disaster
Today, we're revealing a simple way to stay on top of these law changes – for a fraction of the cost of hiring a labour consultant
3) You have to only collect information for a legal reason you define. It must be relative to a function of thecompany. For instance, you must legally have information on your employees. In each case like this, you can't keep these records indefinitely. You must also limit who has access to these records.
4) You can only process the information further if it's compatible with the purpose you collected it for.
E.g.: Processing information further means using the information for something else. So this information can be used for something else, if it's close to what it was collected for. For instance if an employee is receiving a pension pay-out, you can give the banking details you have on record to the pension fund.
5) You need ro ensure that the information you collect is accurate, complete, not misleading and up-to-date
TIP: Send out a questionnaire to all employees every three months to get them to update their information.
6) Notify employees when you're collecting personal information.
When you collect employees' information, do it in batches. This will help control the process if you have a lot of employees
7) Make sure all the personal information under your control is safe. If there's a breach or compromise in your information, you have to let employees know.
8) An employee has the right to access their own personal information. You must also let them correct it and have access to a copy of this information.