The POPI Act: What is it and how you can become compliant

You may have heard of the POPI Act, but don’t really know what it stands for or entails. Well the POPI Act is more than just a catchy name – it is a super important thing for all companies to comply to – let’s find out why.

What is the POPI Act?

The Protection of Personal Information (POPI) Act was set in place for the purpose of protecting an individual’s personal details, in order to prevent people from just sharing their information all over the place without their consent.

An individual’s personal details are seen as ‘precious goods’ that they have every right to protect – nobody wants their cellphone number or address thrown around all willy nilly right?

The act was signed into law in November of 2013 according to the South African constitutional right to privacy as seen in section 14 of our Constitution. The POPI Act will be implemented on a more serious note from 2018, but for now, we would like to stipulate the importance of becoming POPI compliant in the future.

How do I go about becoming POPI compliant?

There are a few steps that a company needs to take in order to effectively and securely store an individual’s information. We list these below:

  • Only collect the good stuff – that is, only the information that is relevant to your company and the information you require.
  • Apply adequate security measures to protect your staff and customers information – i.e. safe and secure cloud backup of their info or safe filing digitally or manually of their info where it is not accessible from any outside sources.
  • Ensure that your staff and customers information is relevant to your needs and kept up-to-date – i.e. any change in address, contact numbers etc. should be updated.
  • The company should only store the information of its staff or customers for as long it needs it – once a staff member has resigned or a customer is no longer on your books, their information is no longer necessary for you to keep.
  • If a staff member or customer requests to see what information you have recorded on them, for the sake of their privacy, they have every right to see that information – do not withhold it.
  • Ensure there is adequate staff training and education around how to effectively and securely store customer information and what is and is not allowed to be shared. Often staff share sensitive information without really knowing the repercussions.

How to train your staff to be more POPI aware.

Have we mentioned before how cool OnRamp is? We’re so cool, we even offer help with POPI training. It’s as easy as boiling an egg. You can simply create a training PlayBook around POPI best practices, upload it to your OnRamp portal and send it on to all your staff for them to learn and complete a test. You can view our PlayBook on more POPI information on your portal once you are logged in. If you want to create a series of PlayBooks on how to look after customer information, you can do this too. Some PlayBook subjects could be:

  1. What is the POPI Act?
  2. How to look after customer information safely and securely.
  3. What information is safe to share via email or online.
  4. Social media best practices concerning customer details.
  5. How to avoid beady eyes viewing sensitive information.

And in case you were wondering, OnRamp is POPI compliant, with each of our customers information securely stored and free from those sneaky little hackers. We take the utmost care in safely storing any private information that you give us and we promise not to sell it on the call-centre market 🙂

If you are still stuck with how to go about being more POPI compliant, drop us a line on

You can also read more the POPI Act over here: