Understanding POPIA law as a Life Healthcare patient
The effective date for compliance with the Protection of Personal Information Act was 1 July 2021, a move that enhances Life Healthcare’s already extensive measures to safeguard patient data.
By now, most South Africans have been notified about South Africa’s new privacy law. But what exactly is the Protection of Personal Information Act (POPIA) and how will it affect you personally?
‘The POPIA law that was introduced to South Africa on 1 July is fundamentally about protection of the privacy of a person – both corporate and natural,’ says Neil Kirby of Werksmans Attorneys, a specialist in healthcare regulatory law.
What is Special Personal Information?
‘When it comes to POPIA and healthcare, we are talking about a category of Special Personal Information or information relating to a person’s health,’ says Neil.
‘This is often highly sensitive and confidential information and many people aren’t comfortable with just anyone having access to those details. POPIA is designed to reassure people who are uncomfortable about this information being unlawfully accessed by others.’
What does the South African Bill of Rights say?
‘The Constitution of South Africa entitles us to privacy, as set out in the Bill of Rights,’ says Neil. ‘Nobody wants their personal data to be accessed without their permission and POPIA sets out that you may not access a person’s health records except where necessary as part of proper medical treatment.’
How does Life Healthcare ensure POPIA compliance?
All patient records are kept safe at Life Healthcare, using appropriate security measures to prevent unauthorised access or unlawful processing of personal information and to prevent personal information being lost, destroyed or damaged.
Information systems are monitored to ensure robust security and all personal information that is provided is stored securely.
What happens in an emergency?
An example of a situation where medical staff might need to access your medical records would be if you were unconscious or suffered a heart attack.
A medical team that is able to access your medical history – what type of medication you’re on or whether you have a history of a heart condition – will often be able to give better care because they are able to see your health details.
POPIA dovetails with the National Health Act 61 of 2003, enabling a doctor to transfer information to another doctor during the course of the treatment of a patient.
An example of a situation where this might happen would be a cardiologist sharing a patient’s history with another specialist who is treating the same patient.
‘POPIA is a bespoke application for different organisations and it is up to individuals and organisations to work within the framework of the law. For example, an office administrator will allocate access to patient data to the relevant doctor depending on whether it is necessary,’ explains Neil.
Health professions protection
In addition to POPIA, South African patients are also protected by guidelines issued by the Health Professions Council of South Africa (HPCSA). The HPCSA offers guidance to doctors dealing with and safeguarding confidential patient data, and it is based on the Health Professions Act 56 of 1974.
Life Healthcare’s Privacy Notice, and Promotion of Access to Information Act (PAIA) Manual that is available on our company website on the bottom-left corner of the home page, provides more detail about how patients’ personal information is protected and respected. You can also read about the patients rights and responsibilities on the website.
The information is shared on condition that readers will make their own determination, including seeking advice from a healthcare professional. E&OE. Life Healthcare Group Ltd does not accept any responsibility for any loss or damage suffered by the reader as a result of the information provided.