How South African legislation links to Information Compliance

Due to the rapid changes in technology, information strategies should support an  organisation’s objectives to comply with all relevant legislation. 

The Constitution of South Africa specifically protects the right to freedom of expression; the right of access to information – also known as the Promotion of Access to Information Act; the right to privacy – better known as the Protection of Personal Information Act; the Consumer Protection Act; and corporate governance, better known as the Companies Act and the Closed Corporations Act. This includes the provision for the Electronic Communications and Transactions Act.

To really understand how the above legislation links to Information Compliance, we will look at each of these in more detail:

  • The Constitution of the Republic of South Africa is the supreme law of South Africa and any law inconsistent with the Constitution may be declared invalid. The majority of rights are derived from the Bill of Rights in the Constitution.
  • The Electronic Communications and Transactions Act is the cornerstone of information and communications technology law or cyberlaw. This Act aims to make internet connections, infrastructure and facilities available to the public. Cyber legislation and Information and Communication Technology law (ICT law) include aspects such as digital intellectual property, privacy, cybercrime and data protection of the telecommunication infrastructure.
  • The Promotion of Access to Information Act is intended to give effect to the Constitution, granting any person or juristic person the right to have access to information. Any person or juristic person can obtain information if it is to protect or exercise his/her rights, irrespective of whether such information is the form of hard copies or electronic records.
  • The Protection of Personal Information Act aims to protect any personal information collected, compiled or stored by persons or juristic persons. The increase in technology associated with the internet, improved search engines and storage of large volumes of information have made the Protection of Personal Information Act one of the most important pieces of legislation within the Information Compliance Framework.
  • The Consumer Protection Act provides a common standard for consumer protection and establishes the overarching legislative framework for consumer protection and enhancement of consumer rights. This Act provides for measures to protect information of consumers or customers in a commercial environment.
  • Corporate Governance, as a principle of good governance, is intended to ensure that stakeholders are informed about the company’s activities, including future risks involved in business strategies, etc. Transparency means a willingness by the company to provide clear information to stakeholders. With increased technology infrastructure, security and information governance should be a key part of the agenda to make sure that compliance, as an obligation and a way to ensure rights and protection, is understood. The Companies Act contains various provisions to protect the proprietary information of a company and advance the rights of stakeholders to access information of a company.

Conclusion

All South African legislation is tested against the norms, standards and values of the Constitution to strike a balance between the right to privacy and the right of access to information. It therefore promotes fair business practices, rights to privacy, choice and disclosure of information. Due to the rapid changes in technology, information strategies should support the organisation’s objectives to comply with all relevant legislation. Of importance is the level of knowledge of employees in the workplace to apply information compliance policies diligently and correctly. 

SERR Synergy assist businesses in compiling and implementing the relevant documents and procedures to comply with Information Compliance legislation. We also assist businessess to comply with provisions of the Consumer Protection Act, Electronic Communications Act and the National Credit Act.

About the Author: Retha van Zyl completed her BCom Hons (Economics and Risk Management) studies at the North West University. She joined our team in January 2016 where she currently holds the title of ‘Information Compliance Advisor’. She specialises in POPI and PAIA Compliance, which includes compiling and submitting PAIA Manuals to the Human Rights Commission. She also compiles and implements Information Security Management Policies / Systems where she identifies the risks associated with information security in each department within an organisation.