With the 1 July 2021 POPIA compliance deadline looming, many businesses are scurrying to ensure their payrolls are compliant too. The Protection of Personal Information Act (POPIA) impacts both customer and employee information, not only in the way the information is gathered, but also in how it is used and safeguarded.
View the enforcement of the Act as an opportunity to not only ensure compliance but to professionalise your business and streamline processes that will have long-term benefits for your business.
The Act stipulates that any employee information collected by the company must only be used for its original purpose. Only if there is a legal requirement that would necessitate further processing of this information may the company proceed after obtaining permission from the employee.
The safe storage of employee data is another critical component, and the Human Resources and Payroll Departments must ensure that employee data is secure and cannot be accessed by any person or third party who does not need legitimate access to it. With cyber attacks on the rise, it is also the company’s responsibility to ensure that the data is securely stored and that it cannot be lost, hacked, deleted, or exposed through any unforeseen security breaches.
Here are some practical guidelines that will help you get your payroll POPIA compliant:
- If you don’t understand the practical application of the Act, find a consultant or compliance officer who can assist you to create an actionable implementation plan. Schedule regular meetings to track progress against the plan.
- Remember to communicate. Create awareness of the importance of POPIA compliance throughout your organisation. Privacy and data protection should become part of your business culture.
- Educate and train your HR and Payroll employees on the importance of protecting personal information. Brainstorm solutions and process changes with them. This will help create the buy-in you need to change behaviour.
The topics that you need to cover with them are: information accountability; processing limitation; the specification of the purpose of information; the quality and standard of the information; and where and how information is stored and how to safeguard it.
- Ensure that your processes and systems are adjusted to support compliance with the Act. There should be a segregation of financial duties with the proper checks, balances, and password access in place. This will prevent unauthorised access or leakage of employee information.
If you require payroll assistance or would like to outsource your payroll to ensure compliance, please get in touch. We would love to offer our services so that you can focus on your core business activities.