The Protection of Personal Information Act – prepare for change
The Protection of Personal Information Act or POPI Act promotes the protection of personal information by public and private institutions. The wheels are turning slowly with the Act though, and as yet it hasn’t been officially signed into law. However, it is wise to arm yourself with the information contained with the POPI Act Proclamation because for those of us in industries like the insurance industry, the POPI Act means a definite change in way of working with clients’ personal information.
Do you have enough knowledge of the POPI Act to avoid breaking the law and possibly incurring a hefty fine? Here are some the important points to note regarding the POPI Act:
Consent must always be obtained
Insurers and consultants need to make sure that their paperwork clearly and explicitly mentions that the persons personal information will be used for underwriting purposes. One step further would be to remind each of your clients verbally of this fact. If an intermediary or outsourced provider is used, they will need to ensure they obtain the consumers consent to transfer this information to a third party.
Direct Marketing Infringement
If direct marketing is a channel you use to gain client particulars, then it would be wise to check with your legal department that all the necessary checks and balances are in place regarding POPI. Catherine Berry, Senior Underwriter for legal firm Camargue says “the Act effectively outlaws the transmission of direct marketing messages prior to receiving express consent from the recipient.”
Christine Rodrigues of Norton Rose Fulbright says “a customer must have consented to have his/her information sold to suppliers. Marketing directories (personal information databases) used for direct marketing purposes need to ensure a person is made aware that their information will be added to the directory and for what purposes a person’s personal information will be used, consent for this must be given by the individual.”
Only authorised people can access information
A lot of money might already have been spent by your company, ensuring that adequate systems are in place to protect clients’ personal information. Strict security measures are required of companies dealing in personal information to make sure that no unauthorised employees or people are able to access this information. Even the simplest water cooler conversations need to be nipped in the bud if the sharing of personal information of a third party is happening.
Fines for misusing or abusing the POPI Act and an individual’s personal information will hurt and can be up to R10 million. As a successful sales man or woman in the financial services sector you should be up-to-date and fully compliant when it comes to the laws of this nature.
Need more information on how POPI Act affects your and your way of selling? Contact DFC Greater Gauteng now.