Protection of Personal Information Act

POPIA is enforced from 1st July 2021

The Protection of Personal Information Act, 2013 (POPIA) came into effect on 1 July 2020. The 12-month grace period for compliance commenced on 1 July 2020. This means that private and public bodies, and anyone else who determines the purpose of, and means for, processing personal information (responsible parties) now have until 30 June 2021 to comply with the Act’s comprehensive requirements.

Microsoft commissioned this White Paper with input provided by Webber Wentzel and Cloud Essentials which aims to provide you with an overview of how POPIA will apply to processing activities and the obligations which come with POPIA and how we assist you through our solutions to meet the compliance requirements.

This White Paper sets out key provisions in POPIA but should not be read as an exhaustive summary of its provisions. Likewise, the controls detailed below should not be considered as representative of Microsoft’s entire control framework. Furthermore, Microsoft’s continuous development of its cloud service capabilities, combined with its focus on supporting and facilitating customers’ compliance efforts, means that customers should consult their Microsoft representative for more information on available compliance technologies at the time of reading this White Paper.

POPIA illustration

Download the white paper to stay informed