12 July 2021
With many organisations scrambling to ensure their readiness for the recently introduced Protection of Personal Information Act, Al Baraka Bank has advised that it has made every effort to protect the personal information of its customers and other stakeholders from misuse and unauthorised access.
The Protection of Personal Information Act, more commonly referred to as POPIA, was signed into law by the South African President in November 2013. However, the effective date was only confirmed in July last year, with a 12-month grace period ensuing. The grace period has now lapsed and the 01 July deadline for organisations to comply with POPIA has now come into force.
Commenting on the bank's POPIA compliance, Al Baraka Bank's Chief Executive, Mr Shabir Chohan, described the Act as an 'important piece of legislation which gives effect to the constitutional right to privacy and regulates the processing of personal information.'
"July marks a historic achievement in terms of data privacy in South Africa; a huge step, which assists in aligning this country with European Union standards for data protection (General Data Protection Regulation) and reflects the beginning of a new era in data protection. Al Baraka Bank welcomes the introduction of this new legislation, embraces its principles and is pleased with the strides and efforts we have made to ensure POPIA compliance by the bank," Mr Chohan said.
The Act is designed to protect any person to whom personal information relates (including juristic persons, such as companies) and ensures that both individuals and juristic persons know exactly what their personal information is being used for and how it is being processed by organisations.
Personal information is any information relating to an identifiable, living, natural person and, where applicable, an identifiable, existing juristic person. It includes such data such as race, gender, age, employment history, contact details and identity number.
"We have revised and put in place comprehensive measures and safe-guards specifically designed to better protect the personal information of clients and stakeholders. We have always taken most seriously our responsibility in this regard and have taken additional steps to comply with the new legislation with regard to not disclosing such information to anyone who does not have a legal right to the personal details of the individuals and organisations we serve. The personal information of clients which we hold will, therefore, only be used for the specific and lawful purpose for which it was provided to us and will be confined to authorised persons only," added Mr Chohan.
Al Baraka Bank is the only fully-fledged Islamic financial institution in South Africa and Mr Chohan said: "Ethical banking is the foundation upon which our business is based and we are proud of our historic track-record of transparency, accountability, security safe-guards and openness. The responsible processing and maintenance of purpose-specific and accurate client-related personal information is regarded as mission-critical to our business."
The Act necessitates compliance with stringent requirements that must be complied with and includes stiff penalties with regard to non-compliance by organisations.
An Information Regulator has been created in order to enforce the Act and deal with complaints related to the misuse of personal information. The Regulator has reiterated its commitment to resolve any data breach and has already been actively involved in a number of data breach incidents. More information about POPIA is available on the regulator's website at http://justice.gov.za/inforeg .
Mr Chohan encouraged people to become familiar with the Act, adding: "In particular, the public should be aware of the sort of personal information they impart to organisations and to question such organisations with regard to the purpose for which this information is required and how it will be used and protected."