1 minute read
#8 EMPLOYEES 5
Next Article
As promised in the previous insert, I will now address the penalties that may be imposed for non-compliance.
POPI exposure has four aspects to it;
• Firstly there is the possibility of a fine for non-compliance which can be up R10 million.
• Secondly the aforesaid can go hand in hand with spending up to 10 years in jail.
• Thirdly there is the suggestion that Section 99 (1) has introduced (Over and above the absolute liability aspect**) ‘ .. a form of statutory vicarious liability for employers if employees breach POPI and as a consequence, a civil action (by a person whose privacy has been infringed upon through the unlawful, culpable processing of his or her personal information) for damages may be instituted against the responsible party [the employer] irrespective** of whether there is intent or negligence on the part of the responsible party (ENSafrica - By Era Gunning & Nicole Gabryk)
• Finally there is a possible impact on your brand for a breach of security which the Information Regulator may require you to make public, over and above having to advise the Data Subject.
© ADV LOUIS NEL Louis-THE-lawyer
DISCLAIMER - Each case depends on its own facts & merits - the above does not constitute advice - independent advice should be obtained in all instances
The recently introduced Cybercrimes Act imposes a duty on electronic communications service providers and financial institutions to report certain offenses within 72 hours. Failure to make the required report could lead to a fine on conviction of a maximum of ZAR50 000
However let’s not stick to our shores – if the business you conduct falls under the auspices of the European Community General Data Protection Regulations (2016/679 & Directive 395/46/EC)(‘GDPR’) the fines are materially higher i e the greater of 4% of the entity's global annual revenue or €20 million!
Let’s take a leaf out of the UK book - ‘80% of UK small businesses close after fines under their privacy laws’ https://petercarruthers.teachable.com/p/freetraining-popi-protection-personalinformation-act-small-business
Before I move on, the above is a very definite indication that proper & adequate insurance must be at the top of the ‘shopping list’!
My next issue & final insert on employees will deal with the POPI requirements for the WFH scenario.