Understanding the Protection of Personal Information (POPI) Act
Drickus Maartens • Oct 01, 2019
While the Protection of Personal Information (POPI) Act doesn't replace the HPCSA’s existing guidelines on safeguarding confidential patient data, POPI does affect all private and public organisations that process information such as names, addresses, email addresses, health information and employment history.
Some of the obligations placed on the medical practice under POPI are:
- To only collect information for a specific purpose
- To apply reasonable security measures to protect the information collected
- To ensure all information collected is relevant and up to date
- To only hold as much information as is required, and only for as long as it is needed
- To allow the subject of information to see it upon request.
Consent
Consent under POPI has to be specific, voluntary and informed. The burden of proof to show that consent was given falls on the practice, so it is advisable to keep some sort of record of consent given by a patient.
Preserving the information
All medical practices are expected, by law, to implement reasonable technical and organizational measure to ensure the information is protected from loss, damage, unauthorized destruction and unlawful access thereto.
An example of a foreseeable risk would be an employee within a medical practice accessing private and personal information without being made aware that the information is to be kept strictly confidential at all times.
Dealing with an information leak
In the event of information being leaked, the practice will need to notify both the patient and the Information Regulator that the information has been accessed, in writing. The patient also needs to be advised about protective steps which could be taken.
When notifying the patient ensure that the following information is given:
- The possible consequences of the disclosure
- A description of the measures which will be taken to rectify the leak of information
- The identity of the individual who had unauthorised access to the information must be disclosed.
Failure to comply with POPI
Failure to comply with POPI can lead to a complaint being lodged against a healthcare practitioner with the Information Regulator, or receiving a civil claim for payment of damages. One of the very serious implications can even be criminal prosecution which, if convicted, could result in a fine of up to R10 million, a prison sentence of up to 10 years, or even both.
It is therefore extremely important for all people, companies and organisations handling health related information to assess their practice policies for handling health related and personal information.
Information supplied by Van Rhyns Attorneys
Frans Ndlovu was lying on the cool floor with his door open when he was attacked by a hyena. A multidisciplinary team of doctors and nurses at Netcare Pholoso Hospital worked day and night to save his life.
Those who work with soil and animals should stay up-to-date with regular tetanus vaccinations.
A strategic partnership between Netcare Akeso, the mental health division of the Netcare Group, and two Limpopo doctors has laid the way for the establishment of a new psychiatric facility in Polokwane to significantly enhance private mental healthcare capacity in the province.
With influenza season fast approaching, stock of this year’s flu vaccine is currently available in South Africa
Desk-bound individuals who spend most of their workdays seated need to prioritise posture and regular body breaks or risk spinal injury, chronic disease and mental health issues, among numerous other serious concerns.
According to Dr Bonke Sumbulu, a general practitioner at Netcare Medicross The Berg in Bergbron Johannesburg, ‘sitting is the new smoking’ may not be an accurate comparison. However, the dangers of continued sitting for long periods are cause for very real concern.
Expanding healthcare access in South Africa demands meticulous resource allocation, which is crucial for delivering the calibre of service essential to upholding the human dignity of our entire population, according to the Health Funders Association (HFA).
There is a direct link between human rights and preventing the spread of cancer, says Lorraine Govender, National Manager: Health Programmes of the Cancer Association of South Africa (CANSA), commenting on this year’s World Health Day theme: My Health, My Right.
Step into the heart of compassionate renal care at National Renal Care (NRC): Pictured here is our centre at Netcare Alberton Hospital in Johannesburg, which is one of 71 such NRC facilities countrywide. With our dedicated team of nephrologists, technologists, and nurses, you'll find personalised support and expert guidance at every step of your dialysis journey. Experience the difference with NRC – where care meets convenience.
Ryan Kurt Williams after his recent cochlear implant at Netcare N1 City Hospital. Professor James Loock, an Ear, Nose and Throat (ENT) surgeon and the audiology team of the Tygerberg Hospital and University of Stellenbosch Cochlear Implant Unit (THUSCIU), identified Ryan as an ideal candidate to benefit from a cochlear implant.
Clinical psychologist Vashnie Sithambaram shares tips on how to support young adults as they fly the nest
