The Promotion of Access to Information Act (PAIA) provides that all entities, with the exception of those exempted by the Minister of Justice, must declare and categorise the information available in their businesses in the form of a Manual, which must be submitted to the South African Human Rights Commission, while a copy thereof must at all times be available on the business’s premises. The Act ensures that public and private entities are accountable and transparent with regard to the information they keep.
What information should be in a PAIA Manual?
No PAIA Manual fits all. It must cover a wide spectrum of areas in terms of different legislation, corporate governance, etc. and, depending on the organisation, should include a detailed description of the following:
- The postal and street address, phone and fax number, and, if available, e-mail address of the head of the body
- Other prescribed officers who have access to the entity’s information
- Full description of business activities
- Any other group structures that might be applicable
- Grounds for refusing access to information
- Prescribed fees
- A description of and guide on how to use the Act to get information from other entities
- A list of other legislation applicable to the organisation, e.g. the Employment Equity Act 55 of 1998, the Income Tax Act 58 of 1962, etc.
- The records that are available to an interested party without having to request access in terms of the Act
- How to request records from the body in terms of the Act
- A description of the records that are categorised and classified, for example, as automatically available, personal information, special personal information and confidential information in accordance with any other legislation
- Various information relating to the Protection of Personal Information Act (POPI).
What are the benefits and liabilities of PAIA compliance?
A person with the intent to deny another person the right of access to information (destroys, damages, conceals or alters a record) where such other person requires the information to exercise any right to which he/she is entitled, commits an offence.
In practice it will be the Head of the body (business entity) who would be liable in his/her personal capacity and, on conviction, to a fine or imprisonment for a period not exceeding two years.
Apart from avoiding criminal prosecution, the PAIA Manual provides businesses with the opportunity to–
- classify their information
- protect their own trade secrets and sensitive commercial information and records
- prevent unwanted publication
- protect their own information in the possession of a third party or individual on condition that the business itself complies
- provide a procedure for requesting information within a specific or regulated environment.
Entities can only rely on the protection offered by the Act and enforce protection of its own information against any unwanted disclosure if they can provide evidence of their own compliance. Drafting a sub-standard Manual has often been interpreted as non-compliance. It is therefore the responsibility on the Head of the body to ensure that the Manual is drafted by a competent person with the relevant qualifications and practical experience to minimise unwanted disclosure and consequences. Non-compliance with the Act or failure to consider the risks associated with non-compliance would be a breach of a director’s fiduciary duties and such director(s) would be deemed liable in their personal capacity in terms of the Companies Act 71 of 2008.
SERR Synergy assists businesses in compiling PAIA Manuals and submitting these to the South African Human Rights Commission on an annual basis. Our professional legal team ensures that all the information of the business, including the Information Officer’s details, is provided in the Manual. The Manual also includes the different categories of information, with an indication of which information is confidential or automatically available, as required by the POPI Act. We ensure that our clients keep their PAIA Manual updated, on-site and accessible on their website.
About the Author: Retha van Zyl completed her BCom Hons (Economics and Risk Management) studies at the North West University. She joined our team in January 2016 and currently holds the title ‘Information Compliance Advisor’. She specialises in POPI and PAIA compliance, which includes compiling and submitting PAIA Manuals to the Human Rights Commission. She also compiles the Data and Information Protection Report to identify risks associated with information security and drafts Information Security policies for procedural compliance in each department within an organisation.
To view our profile, click here
Business Essentials is Africa’s premium networking and business directory.
Read more from our Pressroom: