The new Personal Data Protection (PDP) Bill was passed on 15 Oct 2012 and will become law on 2 Jan 2013. The law governs the collection, use and disclosure of personal data by organisations in a manner that recognises both the right of individuals to protect their personal data and the need of organisations to collect, use or disclose personal data for purposes that a reasonable person would consider appropriate in the circumstances.
Under the Act, personal data is defined as data, whether true or not, about an individual who can be identified:
(a) from that data; or
(b) from that data and other information to which the organisation is likely to have access;
The law covers the following areas:
- Collection, use and disclosure of personal data;
- Access to, and correction of personal data; and
- Care of personal data
Implications for HR Practitioners
HR practitioners collect a large amount of personal data for the proper functioning and delivery of HR services. In doing so, HR practitioners should have systems in place to:
- Ensure that all personal data collected are properly stored and accessible only to authorised personnel;
- Ensure that personal data are not divulged to 3rd parties for unauthorised purposes;
- Allow employees to view their personal data and to make corrections as necessary; and
- Train employees on the proper collection, management, use, and storage of personal data.
Contact us for more information on how you can be compliant with the new Personal Data Protection Act.