Guidelines, Guidance Notes and Notices
Notification of a security compromise in terms of Section 22 of Protection of Personal Information Act, 4 of 2013 (POPIA), 22 Sep 2021
In terms of section 22 of the Protection of Personal Information Act No. 4 of 2013 (POPIA), where there are reasonable grounds to believe that the personal information of a data subject has been accessed or acquired by any unauthorised person, the responsible party must notify the Information Regulator (Regulator) and the data subject, unless the identity of such data subject cannot be established.
Notice: Exemption of certain private bodies from compiling manual, 29 Jun 2021
Promotion of Access to Information Act, 2000 (Act No. 2 of 2000): Exemption of certain private bodies from compiling manual, 29 Jun 2021
Guidance note on processing of Special Personal Information, 28 June 2021
The purpose of this Guidance Note is to guide responsible parties who are required to obtain authorisation from the Regulator to process special personal information, as provided for in section 27(2) of POPIA.
FORM: Follow this link for the Application form for authorisation to process Special Personal Information [ePDF]
GG 45492, GoN 1504 - Promotion of Access to Information Act: Regulations [ Updated PAIA Guide], 16 Nov 2021
GG 45306, GeN 596 - Protection of Personal Information Act: Code of Conduct: Credit Bureau Association (CBA): Comments invited by 26 Oct 2021, 12 Oct 2021
GG 45120, GoN 829 - Protection of Personal Information Act: Amendments to Regulations: Comments invited by 30 Sep 2021, 09 Sep 2021
Legislation, Invites to Comment, Rules & Relevant Judgments
Follow the link below to view the relevant pieces of legislation, such as the Protection of Personal Information Act, 2013 (Act 4 of 2013) and the Promotion of Access to Information Act, 2000 (Act 2 of 2000); and court judgments.