Image
Icon

Directory

IconAppraisers and Valuers
IconAssociations and Institutes
IconBBBEE Consulting and Verification Agencies
IconConsumer Protection
IconCorporate Governance
IconCredit Bureaus
IconDefensive Driver Training
IconEmergency Medical Rescue
IconForensic Investigation Services
IconInsurance Brokers - Alphabetical Listing
IconInsurance Brokers by Type of Product or Service Needed
IconInsurance Companies
IconInsurance Consultants
IconLightning Damage & Surge Protection Specialists
IconOmbud
IconOnline Quotes and Cover
IconPremium Financing
IconPublic Loss Adjustors
IconPublications
IconRating Agencies
IconRegulatory Authorities
IconRisk Finance
IconRisk Management
IconRisk Surveyors
IconSalvage Operators
IconTelephone Quotes
IconVehicle Accident Management
IconVehicle and Household Risk Inspection Services
IconVehicle Tracking
IconWellness Programs
Advertise Here
  Subscribe To »

HOW THE NEW POPI ACT AFFECTS INTERMEDIARIES

Published

2020

Fri

04

Sep

Cyber-attacks are on the rise during lockdown, increasing from the norm of 30 000 daily to 310 000 recorded on the 18 March as criminals exploit the unsecured home networks used by millions of office workers who are now operating remotely. The Protection of Personal Information (POPI) Act aims to mitigate some of the risk with additional disclosures and increased security around access to client data. The POPI Act came into effect on 1 July 2020 giving all companies, including financial service providers and intermediaries, until 30 June 2021 to comply.

 

Danelle van Heerde, Head of Advice Solutions at Sanlam, notes that intermediaries must ensure third party vendors have the proper security in place to protect against data breaches and ensure that their client information is stored securely.

 

“The POPI Act supports the trust relationship between client and intermediary by creating a transparent process,” says van Heerde. “Clients give intermediaries access to a host of personal information, so it is imperative that clients trust that their information is safe and that it is only used for the specific purposes disclosed to them.”

 

After meeting with a new client for the first time, intermediaries must ensure they have permission to continue the relationship and to communicate with the client. Clients must also have the option of opting out or unsubscribing from email newsletters or marketing communications.

 

Processing relates to any activity concerning personal information and includes any operation or set of operations connected to that information. This can be lawfully done if the 8 conditions listed in the Act below are met:

 

  1. Accountability

Intermediaries must ensure all the provisions of applicable data protection laws are complied with and remain accountable even when third parties are used to process personal information on their behalf.

 

  1. Processing limitation

Data can only be processed lawfully with consent from the client or with legal justification, for example where necessary to conclude a contract or to meet a legal obligation. Only data relevant to the purpose may be processed.

 

  1. Purpose specification

The purpose for which data is collected must be specific, explicitly defined and legitimate. Clients must be informed of the purpose for which their personal information is collected.

Personal information may not be kept for longer than is necessary than required to achieve the purpose, unless required by law, e.g. to meet the requirements of the FAIS Act.

 

  1. Further processing limitation

Any further processing of personal information must be compatible with the purpose for which it was collected.

 

  1. Information quality

Reasonably practical steps must be taken to ensure that the personal information is complete, accurate, not misleading and updated where necessary.

 

  1. Openness

Clients must be aware that the responsible party is collecting their personal information, the purpose of collection and the consequence of not providing information.

 

  1. Security Safeguards

Reasonable precautions must be taken to secure the integrity and confidentiality of personal information and prevent loss, damage or unlawful access.

 

  1. Data subject participation

Clients may ask a responsible party to confirm whether their personal information is held, for detail of the information held and any third parties who may have accessed it and to correct or delete personal information.

 

“If you manage a small business or brokerage, ensuring POPI compliance can be cumbersome. You may benefit from partnering with compliance experts to implement legislation and evaluate whether your third-party vendors are compliant as well,” notes Van Heerde.

 

Until recently, companies did not have a legal obligation to inform their clients when their data had been compromised. Under the new POPI act, companies have a legal obligation to inform their clients when data has been compromised or face a hefty fine of up to R10 million.

 

Overall, the POPI act has highlighted the importance of securing personal information both for clients and intermediaries. “Intermediaries should welcome additional disclosures as an opportunity to further strengthen the trust of their clients,” concludes van Heerde.

 
Source: Atmosphere
 
« Back to previous page Print this page » |
 

Breaking News »

Allianz and Euler Hermes strengthen Africa team

Johannesburg – September 16, 2020 – Allianz Global Corporate & Specialty (AGCS) appointed Asheen Maikoo and Piet Schutte as Senior Risk Engineers on September 1, 2020, to continue ...
Read More »

  

Allianz: Companies face five liability loss trends in the face of the coronavirus pandemic

Johannesburg/London/Munich/New York/Paris/Sao Paulo/Singapore – September 09, 2020 – Liability exposures for companies around the world are increasing. Factors such as rising litigation, collective ...
Read More »

  

Indwe embraces drone technology to help improve risk management and optimise insurance

Using unmanned aerial vehicles (UAVs), or drones as they are more commonly known in insurance, is gaining momentum. Globally, 17% of commercial drones in operation are used to assist insurers and large organisations ...
Read More »

  

Businesses need to restart facilities with care and caution as lockdown eases to reduce risk of damages

Allianz Global Corporate & Specialty recommends site security inspections and dedicated loss prevention measures to ensure a successful and safe reopening after lockdown. Fires, machinery breakdowns and faulty ...
Read More »

 

More News »

Image

Healthcare »

Image

Investment »

Image

Life »

Image

Retirement »

Advertise Here
Image
Image
Image
Advertise Here

From The Glossary »

Icon

Losses Paid:

The aggregate of loss payments during a given period, less deductions for all credits.
More Definitions »

 

Advertise

 

eZine

 

Contact IG

 

Media Pack

 

RSS Feeds

By using this website you agree to the Terms of Use.
Copyright © Insurance Gateway (Pty) Ltd 2004 - 2020. All Rights Reserved.