Employee Data Privacy

South Africa - Registration Requirements

 Download as a PDF

Does HR data processing require registration under data protection laws?



Data protection laws sometimes include conformity assessments, which help to ensure businesses follow regulations. Requirements can include registration before the Data Protection Authority and random audits. 

In South Africa, the person at the employer who is given the Information Officer role is responsible for:

  • encouraging compliance with the Personal Information Protection Act, (POPIA);
  • handling requests made under POPIA;
  • otherwise ensuring the employer’s compliance with POPIA provisions;
  • working with the Regulator in the event of POPIA investigations; and,
  • other responsibilities, as prescribed.

The Information Officer must be registered with the Regulator. Employers are generally not required to register data under the Protection of Personal Information Act. That said, responsible parties must get permission from Information Regulators in certain instances, including when:

  • the employer plans to process unique identifiers of data subjects for a purpose other than the one for which the data was originally collected and plans to link that data with information processed by other parties (Sec. 57(1)(a), POPIA); or,

  • special personal information and/or children’s personal information is being transferred to a third party in a foreign country that doesn’t provide an adequate level of protection for processing personal information (Sec. 57(1)(d), POPIA). Special personal information includes: religious/ philosophical beliefs, race/ethnicity, trade union membership, political persuasion, health/sex life, biometric information, and criminal behavior relating to alleged offences/proceedings.


Responsible parties are also expected to register data in advance with the Information Regulator when personal information is being processed for the purposes of credit reporting or behavior or objectionable conduct on behalf of third parties (Sec. 57(1)(b) and (c), POPIA).


UKG's HR Compliance Assist team relies on a network of internal and external compliance experts and lawyers to provide clients with best practices and recommendations on topics such as HR document retention, employee data privacy, and HR electronic records. HR Compliance Assist also provides local compliance monitoring and alert services in select countries where UKG's customers have employees. HR Compliance Assist is a service exclusively available to UKG customers.

Share Your Feedback

Let's Talk