The Regulations also provide more clarity on the responsibilities of an Information
            Officer such as yourself tasked with responsibility for POPIA at an organisation.
            Regulation 4 sets out a number of responsibilities for the Information Officer, in
            addition to that prescribed by POPIA, which include:
            •       Developing, implementing and monitoring a compliance framework
                    for protection of personal information.
            •       Ensuring that a personal information impact assessment is done to
                    ensure that adequate measures and standards exist.
            •       Developing, monitoring, maintaining and make available a manual,
                    as prescribed by the Promotion of Access to Information Act, 2 of 2000.  Commercial
            •       Developing internal measures and systems to process requests for
                    access to information.
            •       Ensuring that internal awareness training sessions are conducted.

            Although these Regulations are not yet in force, they provide a view on some
            specific compliance aspects that must be considered by your business. Our
            recommendation is to look at updating your compliance procedures to prepare
            for these Regulations or obtain the assistance of a specialist to help you do so.







































                                                                        29