Promotion of Access to Information Act (2 of 2000)
The NWU complies with the Promotion of Access to Information Act 2 of 2000. Therefore an information manual has been published.
All persons wanting to make application for access to records held by the NWU may do so by clicking on the following request form and completing the online application.
Should you wish to appeal a decision made with regard to access to records, you may do so by clicking on the following notice of internal appeal form.
PLEASE ENSURE THAT YOU COMPLETE ALL THE FIELDS.
The NWU Records Management Policy as well as the NWU file plan and disposal schedule (available on request from the Records Manager) provide an indication of the records the NWU keeps and the manner in which they are managed (record name, reference number, retention period and disposal instruction).
Please note that not all records listed in the NWU file plan and disposal schedule will not necessarily be made available on demand, seeing that certain records are fully or partially confidential and the internal disposal procedures followed by the NWU.
Please take note that Management Information, Student Administrative Systems, Information Technology, Protection Services, etc will no longer receive and handle any requests for data extraction/reports without the completion of the PAIA form if the data concerned can be classified as personal information.
Protection of Personal Information Act (4 of 2013)
In simple terms, the purpose of the Act is to ensure that all South African institutions conduct themselves in a responsible manner when collecting, processing, storing and sharing another entity's personal information by holding them accountable should they abuse or compromise your personal information in any way.
The Act considers personal information as extremely valuable and therefore bestows on an individual, as owner of the personal information, certain rights of protection and the ability to exercise control over:
- when and how you choose to share your information (requires consent);
- the type and extent of information you choose to share;
- transparency and accountability on how your information will be used;
- providing you with access to your own information as well as the right to have your information destroyed;
- who has access to your information;
- how and where your information is stored; and
- the integrity and continued accuracy of your information.
What is personal information?
Personal information is any information relating to a living person, and where applicable, an existing juristic person. It may include the following:
- ID/passport number
- Birth information
- Contact details (including online/instant messaging identifiers)
- Gender, race and ethnic origin
- Photos, voice recordings, video footage, biometric data
- Marital/relationship status and family relations
- Criminal record
- Private correspondence
- Religious and philosophical beliefs including personal and political opinions
- Employment history
- Financial information
- Educational information (academic record)
- Physical and mental health information
- Membership to organisations/unions
We have to accept that we now live in an information age and along with this progress comes the responsibility for each individual to take care of and protect their own information. To protect the individual's right to privacy and guard against abuse of information, data protection legislation has become necessary and therefore the Protection of Personal Information Act was enacted. The NWU aims to ensure that all processes and procedures are in place to ensure that personal information is managed in an effective and correct manner as prescribed by the Act in order to ensure good corporate governance.
The unlawful disclosure of personal information to external parties exposes the NWU to legal risks and is a level B infringement of the Disciplinary Procedure as contained in the Behavioural Manual of the NWU (which, in serious circumstances, could lead to dismissal). The NWU thus views this infringement in a very serious light.
The Act however cannot protect the individual if the individual does not take care to protect themselves. Individuals must be informed about their rights, and when asked to exercise a choice in terms of the Act, make an informed decision.
Please also read the infographic for more information.
Individuals can enquire about their personal information kept by the NWU by completing the POPI enquiry form.
PAIA and POPIA documents and announcements
Rules for the use of WhatsApp and similar groups for official NWU business - Will be available soon.
Reporting a data breach
Section 22 of the POPIA makes provision for the notification of information/data/security compromises. Please click here to read the relevant section.
Any person who knows or reasonably believes that a breach of the security of personal identifiable information has occurred should report their concern to the University as soon as possible.
Any University employee or student (including student leadership) with a responsibility for data protection must report known or suspected breaches of security of personal identifiable information. These reports will enable the University to investigate and address the concern and to make determinations about appropriate notification to the data subjects concerned, of the personal identifiable information. All reports of breaches will be dealt with in accordance with the Standard Operating Procedure for breaches.
The form to report Information/data/security breaches is for staff, student leadership, students and external NWU stakeholders to report a breach of information/data/security. Should you require any assistance with the form, please contact the POPIA task team at POPIA@nwu.ac.za.
Standard Operating Procedures related to PAIA and POPIA
This section is in development and will be available soon
For more information on how the NWU complies with PAIA and POPI, please contact:
Annamarie de Kock
Coordinator: Risk and Compliance
018 285 2771