Contact

POPIA update: POPIA regulations are coming into effect and the guideline on the codes of conduct is published

Back to top

POPIA update: POPIA regulations are coming into effect and the guideline on the codes of conduct is published

On 26 February 2021, the Guideline to Develop Codes of Conduct (Guideline) was gazetted and notice was given that Regulations issued in terms of the Protection of Personal Information Act 4 of 2013 (POPIA) are coming into effect. In relation to the Regulations, the Government Gazette (No 44191) notified that Regulation 5 (relating to the application for issuing of Codes of Conduct) is effective as of 1 March 2021. Regulation 4 (relating to certain responsibilities of Information Officers) will be effective on 1 May 2021 and the rest of the Regulations will come into effect on 1 July 2021.

2 Mar 2021 2 min read Technology, Media & Telecommunications Alert Article

At a glance

  • The Regulations issued under POPIA will have different effective dates: Regulation 5 (application for issuing Codes of Conduct) was effective from 1 March 2021, Regulation 4 (responsibilities of Information Officers) will be effective from 1 May 2021, and the remaining Regulations will come into effect on 1 July 2021.
  • Information Officers will have specific responsibilities under Regulation 4, including developing a compliance framework, conducting personal information impact assessments, maintaining an access to information manual, implementing systems to process requests for information, and conducting internal awareness sessions.
  • The Guideline to Develop Codes of Conduct has been published, providing guidance for industry bodies to apply for the approval of codes of conduct by the Information Regulator. Businesses need to ensure their processing of personal information aligns with POPIA provisions before the full implementation of the Regulations on 1 July 2021.

Responsibilities of Information Officers

With Regulation 4 being effective as from 1 May 2021, information officers will be required to comply with the following:

  • develop, implement, monitor and maintain a compliance framework;
  • undertake a personal information impact assessment to ensure that adequate measures and standards exist;
  • develop, monitor and maintain an access to information manual required in terms of the Promotion of Access to Information Act 2 of 2000 (PAIA) (commonly known as a PAIA manual);
  • develop internal measures and systems to process requests for information or access; and
  • conduct internal awareness sessions.

This would mean that the Information Regulator is likely to communicate the mechanism or process to allow for the registration of information officers in the coming weeks, in order that information officers may assume their duties.

Issuing a code of conduct under the Guideline

Chapter 7 of POPIA provides for the development of codes of conduct which may apply to certain types of personal information, specific industries, professions, bodies or to specific types of activities. 

The Guideline which has been published, is for the development of codes of conduct by the relevant industry bodies in terms of section 65 of POPIA. The Guideline provides guidance to industry bodies on the making of an application for a code of conduct to be approved by the Information Regulator. The Regulations prescribe the form for such application to the Information Regulator which may be submitted as from 1 March 2021.

With the remainder of the Regulations to commence on 1 July 2021, it is now more important than ever for businesses to ensure that their processing of personal information complies with the provisions of POPIA.

The information and material published on this website is provided for general purposes only and does not constitute legal advice. We make every effort to ensure that the content is updated regularly and to offer the most current and accurate information. Please consult one of our lawyers on any specific legal problem or matter. We accept no responsibility for any loss or damage, whether direct or consequential, which may arise from reliance on the information contained in these pages. Please refer to our full terms and conditions. Copyright © 2025 Cliffe Dekker Hofmeyr. All rights reserved. For permission to reproduce an article or publication, please contact us cliffedekkerhofmeyr@cdhlegal.com.

You might also be interested in

18 Jul 2024

Only eat your share of the baguette: An analysis of the recent High Court decision on withholding tax on management and professional fees under the Kenya-France DTA

On 4 July 2024, the High Court in Commissioner of Domestic Taxes v Total Kenya Limited (Income Tax Appeal E044 of 2021) determined that withholding tax on management and professional fees is not payable in Kenya under the Kenya-France Double Tax Agreement (DTA). This decision arises from an appeal lodged before it by the Commissioner of Domestic Taxes, following a similar finding by the Tax Appeals Tribunal (TAT) in TAT Appeal 151 of 2016 (Consolidated with Tax Appeal 16 of 2017).

Tax & Exchange Control

4 min read

9 Apr 2025

by Malesela Letwaba

New earnings threshold effective 1 April 2025

Malesela Letwaba, Senior Associate in the Employment Law practice, recently joined Bongiwe Zwane on SAfm to discuss the 'New earnings threshold effective 1 April 2025.'

Employment Law

05:54 Minutes

6 Feb 2025

by Nastascha Harduth, Jerome Brink and Kagiso Mokaleng

Leveraging innovation to stave off financial decline and promote growth

South Africa, the 24 th largest country by population and 25 th by land area, has immense untapped potential. Our large labour market and significant immigrant population, combined with three major functional harbours along the 40 th longest coastline in the world, create opportunities for considerable economic expansion.

Corporate Debt, Turnaround & Restructuring

4 min read

12 Nov 2024

by Alecia Pienaar, Alistair Young and Marelise van der Westhuizen

Revisiting an old gem in the circularity era: Reprocessing of tailings under the Ataqua judgment

According to PwC’s SA Mine 2024 report (Report), which was released on 1 October 2024, “ The South African mining sector has experienced a hive of merger and acquisition (M&A) activity in the past year. ” The Report notes a total deal value of $10 billion across 32 deals in the 12-month period ending 30 June2024.  

Mining & Minerals

6 min read

3 Jun 2025

by Zodwa Malinga and Clive Rumsey

Types of alternative dispute resolution

Alternative dispute resolution (ADR) methods have become the preferred mechanism to resolve commercial disputes. The traditional approach to dispute resolution used to be litigation. The popularity of alternative methods of dispute resolution can in part be attributed to the backlogs experienced by courts. This has also resulted in the incorporation of one of the alternative dispute resolution methods into the Uniform Rules of Court. The introduction of the new Rule 41A in March 2020 meant that an initiator of litigation proceedings was required to file a notice asking the other party whether they were amenable to mediation and the other party was required to respond with its own notice, but mediation was by agreement. Recently, the Gauteng Division of the High Court issued a directive introducing mandatory mediation in the Gauteng division and the accompanying protocol.

Dispute Resolution

7 min read

16 Apr 2025

by Alex Muchira, Yvonne Njuguna and Ian Ounoi

Compliance crackdown: Is your company at risk of being deregistered?

== Duty of a company to lodge a copy of the register of beneficial ownership with the Registrar Pursuant to section 93A of the Companies Act, Cap 486 (Companies Act), every company is required to keep a register of its beneficial owners. Consequently, all companies are required to lodge a copy of the register of beneficial ownership with the Registrar of Companies (Registrar).

Corporate & Commercial Law

3 min read

This website uses cookies to enhance the browsing experience. For more information, please see our Cookie Policy.

Accept Decline