Protection of Personal Inforamation at Unisa

Protection of Personal Information is not a choice… It is the Law and everyone's responsibility

The Protection of Personal Information (PoPI) Act, No. 4 of 2013 promotes the protection of personal information by public and private bodies, UNISA included. The Act was signed into law by the President of South Africa on 19 November 2013 and published in the Government Gazette Notice 37067 on 26 November 2013. Once the Act is made effective, organisations will be given a year’s grace period to comply with the Act, unless this grace period is extended as allowed by the Act. The President has however signed a proclamation declaring some parts of the Protection of Personal Information Act No 4 of 2013 effective from 11 April 2014.

In UNISA’s context, the PoPI Act significantly affects the manner in which we collect, store/archive, use, share and destroy personal information of our students, employees, service providers and alumni. The Act will balances the legitimate needs of UNISA to collect and use personal information for business and strategic purposes against the right of individuals (students, employees, service providers and alumni) to privacy. The Act aims to achieve this balance through introduction of the following eight (8) Conditions and Key Requirements:

1. Accountability
   UNISA must ensure that conditions contained in the Act are fully complied with.
   
   
2. Processing Limitation
   Personal information of UNISA’s students, employees, service providers and alumni may only be processed in a fair and lawful
   manner.
   
   
3. Purpose Specification
   Personal information of UNISA’s students, employees, service providers and alumni may only be processed for specific, explicitly defined and legitimate reasons.
   
   
4. Further Processing Limitation
   Personal information of UNISA’s students, employees, service providers and alumni may not be processed for a secondary incompatible purpose.
   
   
5. Data Quality
   UNISA must ensure that the personal information of its students, employees, service providers and alumni is kept reliable, accurate and up to date.
   
   
6. Openness
   UNISA’s students, employees, service providers and alumni should be aware that their personal information is being collected.
   
   
7. Security Safeguards
   Personal information of UNISA’s students, employees, service providers and alumni must be protected through the use of reasonable technical and organisational safeguards
   
   
8. Data Subject Participation
   UNISA’s students, employees, service providers and alumni may request the correction/ deletion of any personal information held about them that may be inaccurate or misleading.

In response to the above-mentioned requirements of the POPI Act, the University should align its processes and systems to position itself to ensure full compliance with the Act. To facilitate and enhance achievement of this important mandate, the University has created the Directorate: Institutional Information under the Vice-Principal: Advisory, Assurance Services and Registrar Governance Portfolio. The Directorate will be engaging with all functional units within the University to assist them in aligning their processes and systems with the PoPI requirements.

Inventory List

• Alumni (DOC)
• Authors (DOC)
• Community Engagement Participants (DOC)
• Council Members (DOC)
• Donors (DOC)
• Employees (DOC)
• Licensees (DOC)
• Researchers (DOC)
• Service Providers (DOC)
• Students (DOC)

Lastly, any PoPI related queries, questions and/or complaints can be kindly directed to the: