Ethical Medical Practice

Protection through Compliance

We reduce malpractice risk for doctors through ethical compliance

POPI Made Simple

Key POPI Principles


POPI Made Simple guides you through the key concepts which you need to know about POPI and the practice of healthcare in South Africa.

POPI can seem challenging. The principles are in many respects new and at first seem complex. If that is your reaction, there is not need to feel concerned, or overwhelmed. You are not alone. But with a little guidance, you will soon find that the principles will make begin to make sense.

POPI Made Simple will guide you through the principles of POPI as they apply to your particular situation. We adopt a step-by-step approach, from the key fundamentals which should be understood by everyone in the healthcare sector, to the most challenging and complex issues which large organisations need to address through dedicated POPI officers.

It all starts with the Key Principles. These principles are the spine of POPI knowledge, and will be released on 5 July 2021.

We will then develop the Key Principles through a video/audio series focusses on their practical application to the health care environment. Together with the video series, we will look at standard POPI documentation which can be applied in yourt practice. (The video series and documentation will be released by 12 July 2021).

Lastly, keep a lookout for the regular Updates and Expansions which will deal with developments relating to POPI, and address specific questions relevant to health care in South Africa on an ongoing basis to keep you up to date and fully informed.

Finally, a last word – to understand the principles relating to management of presonal information, we will engage with the POPI Act itself. Don’t feel concerned by this – we will walk you through the Act, and explain how it applies to your situation in clear language so that you can properly organise how personal information in your practice is managed, feel secure in this increasingly important aspect of professional practice and take control of your management of POPI.

Key Principles

Question 1: What is POPI?
Question 2: Does POPI apply to my practice?
Question 3: What are my duties to comply with the POPI Act?
Question 4: How do I ensure that I have obtained proper consent from the patient?
Question 5: What is the position when collecting directly from the person involved?
Question 6: What security measures must I put in place to protect information?
Question 7: What is the position when my employees or other persons deal with personal information?
Question 8: What are my duties when a third party handles information for me?
Question 9: What must I do if I suspect there has been a breach of security relating to personal information?
Question 10: What is the position where patients request their personal information?
Question 11: What is the position where patients request correction of their personal information?
Question 12: What is "special personal information"?
Question 13: Are there circumstances in which I can collect "special personal information" from a patient?
Question 14: Are there specific circumstances where information about a patient's religion or race can be dealt with?
Question 15: What are the rules regarding information about a patient's health or sex life?
Question 16: What are the rules regarding a patient's biometric information?
Question 18: What are the duties of the Information Officer?