Portal

Public and Private bodies are required to register with the Information Regulator their Information Officers as outlined in  section 55 of POPIA 

Section 32 of PAIA requires Information Officer of each Public Body to submit annually to the Information Regulator a report stating all requests received & processed by the Public Body.

Who should be registered as an Information Officer?

Information Officers are, by virtue of their positions, appointed automatically in terms of PAIA and POPIA. Information Officers of public and private bodies must designate and/or delegate any power or duty to Deputy Information Officers, as necessary to make the body as accessible as reasonably possible.

Registering Information Officers

The Information Officers are required, in terms of Section 55(2) of POPIA, to take up their duties only after being registered with the Regulator. The registration of Information Officers can be done on the Regulator’s online Information Officer Portal

Your duties as the Information officer

Section 55(1) of POPIA sets out the duties and responsibilities of an Information Officer which include the following:-

  • the encouragement of compliance by the Body with the conditions for the lawful processing of personal information.

an Information Officer may develop a policy on how employees should implement the eight (8) conditions for the lawful processing of personal information or consider issuing a circular in the case of provincial and national departments;

  • dealing with requests made to the Body pursuant to POPIA.
  • working with the Regulator in relation to investigations conducted pursuant to Chapter 6 of POPIA in relation to the body
  • ensuring compliance by a body with the provisions of POPIA

The additional duties and responsibilities of the Information Officers, in terms of regulation 4 of POPIA, are to ensure that

  • a compliance framework is developed, implemented, monitored and maintained;
  • a personal information impact assessment is done to ensure that adequate measures and standards exist in order to comply with the conditions for the lawful processing of personal information;
  • manual is developed, monitored, maintained and made available as prescribed in sections 14 and 51 of PAIA, as amended;
  • internal measures are developed together with adequate systems to process requests for information or access thereto;
  • internal awareness sessions are conducted regarding the provisions of POPIA, regulations made in terms of POPIA, codes of conduct, or information obtained from the Regulator; and
  • upon request by any person, copies of the manual are provided to that person upon the payment of a fee to be determined by the Regulator from time to time..

Submission of reports to the Regulator

The Information Officer of each public Body must annually, and in terms of section 32 of PAIA, submit to the Regulator a report regarding

  • the number of requests for access received;
  • the number of requests for access granted in full;
  • the number of requests for access granted in terms of section 46 of PAIA; 
  • the number of requests for access refused in full and refused partially and the number of times each provision of PAIA was relied on to refuse access in full or partially; 
  • the number of cases in which the periods stipulated in section 25(1) of PAIA were extended in terms of section 26 (1) of PAIA; 
  • the number of internal appeals lodged with the relevant authority and the number of cases in which, as a result of an internal appeal, access was given to a record;
  • the number of internal appeals which were lodged on the ground that a request for access was regarded as having been refused in terms of section 27 of PAIA; 
  • the number of applications to a court which were lodged on the ground that an internal appeal was regarded as having been dismissed in terms of section 77 (7) of PAIA.


Related Resources

© 2022. Information Regulator South Africa