HR-DOX Log-in
I accept the
Terms & Conditions
Learn more about
Terms & Conditions
Forgot your password:
Click Here
Forgot Password Email
Send password to:
HRDox Terms & Conditions
Print
COMPLIANCE WITH THE PROTECTION OF PERSONAL INFORMATION ACT, 2013 (ACT NO. 4 OF 2013)
Introduction
Laboria-Fix Consulting has taken the utmost care with the design of HR-DOC to ensure that the personal information of employees which is stored on HR-DOC is protected.
This Manual was prepared to comply with the Protection of Personal Information Act, 2013 and the Regulations Relating to the Protection of Personal Information dated 14 December 2018.
This Manual will be edited from time to time as new rulings are made by the Regulator.
What does the Act and Regulations Require?
The protection of personal information is regulated in terms of the Protection of Personal Information Act, 2013 and its Regulations published on 13 December 2018.
In terms of this Act an Information Officer must, in addition to the responsibilities referred to in section 55(1) of the Act, ensure that-
A compliance framework is developed, implemented, monitored and maintained.
A personal information impact assessment is done to ensure that adequate measures and standards exist in order to comply with the conditions for the lawful processing of personal information.
A manual is developed, monitored, maintained and made available as prescribed in sections 14 and 51 of the Act.
Internal measures are developed together with adequate systems to process requests for information or access thereto; and
Internal awareness sessions are conducted regarding the provisions of the Act, regulations made in terms of the Act, codes of conduct, or information obtained from the Regulator.
Complaints Procedures
The Act further provides that an Information Officer shall upon request by any person, provide copies of the manual to that person upon payment of a fee to be determined by the Regulator from time to time.
Compliance with the Protection of Personal Information Act, 2013 (Act No. 4 of 2013) (referred to as the POPIA) require that certain steps be taken to ensure that those individuals whose information is kept on HR-DOC (referred to as data subjects) is allowed to lodge a complaint to their employers and or Laboria-Fix Consulting (referred to as the responsible party) if the data subject:
Object In terms of section 11(3)(a) of the Act that their personal information is processed, must submit their complaint to the responsible party on Form 1.
Wishes to request a correction or deletion of personal information or the destruction or deletion of a record of personal information in terms of section 24(1) of the Act must submit a request to the responsible party on Form 2.
Any person who wishes to submit a complaint contemplated in section 74(1)1 of the Act must submit such a complaint to the Regulator on Part I of Form 5.
Any person who wishes to submit a complaint contemplated in section 74(1)2 of the Act must submit such a complaint to the Regulator on Part II of Form 5.
Compliance Framework is Developed, Implemented, Monitored and Maintained
The Compliance framework has been built into the features of HR-DOC. The system keeps track of each transaction by each user. These reports are frequently studied to ensure that unauthorised usage of the system does not take place.
Personal Information Impact Assessment is Done to Ensure that Adequate Measures and Standards Exist in Order to Comply with the Conditions for the Lawful Processing of Personal Information
An impact assessment was done to determine/identify possible risks with HR-DOC. Measures were then developed to mitigate these risks. The inherent security features of HR-DOC are set out below.
Manual is Developed, Monitored, Maintained and Made Available as Prescribed in Sections 14 and 51 of the Act.
This document is the manual referred to in the Act.
Internal Measures are Developed Together with Adequate Systems to Process Requests for Information or Access Thereto
The forms as prescribed by the Act (as published in the Regulation dated 13 December 2018) are displayed as part of this manual. These forms could be printed by the data subject or any other person and completed.
Internal Awareness Sessions are Conducted Regarding the Provisions of the Act, Regulations Made in Terms of the Act, Codes of Conduct, or Information obtained from the Regulator
The nature of HR-DIC requires that training be presented to all the users of the system. The training is done in a formal set-up and a training manual is provides to each participant.
The training session is furthermore utilised to complete the administrative processes related to HR-DOC. Various forms are completed by the prospective users. These include a declaration that the user attended an awareness session.
Security Features of HR-DOC
The database has the following security features:
Passwords get randomly generated by a combination of 8 Alpha Numeric case sensitive characters.
The change password function forces the user to have a password of at least 8 Alpha Numeric case sensitive characters.
The user is requested to renewal the relevant password after 30 days, with a further function to ensure that the same password is not used again.
Lay man attacks is controlled namely after five failed tries, the user is locked out.
HR-DOC alerts LFC when a user tried to login for 5 times and was then locked out.
The password encryption in the database is adequate to prevent unauthorised entry.
Web-page user-controls use HTML 5 password protection features to further enhance security.
Web Policy
This website privacy notice applies to personal information that Laboria-Fix collects through this website: www.hrdox.co.za.
In this context personal information refers to information relating to an identifiable, living, natural person, and where applicable, an identifiable, existing juristic person, including, but not limited to-
Information relating to race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour orientation, age, physical, or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
Information relating to the education or medical, financial, criminal or employment history of the person;
Any identifying number, symbol, e-mail address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
The biometric information of the person;
The personal opinions, views or preferences of the person;
Correspondence sent by the person that is implicitly or explicitly of a private nature or of a confidential nature or further correspondence that would reveal the contents of the original correspondence;
The views or opinions of another individual about the person;
The name of the person if it appears with other personal information relating to the person or if the disclosure on the name itself would reveal information about the person.
User refers to a person who utilises a computer or other device to access this website.
Web browser means an application used to access and views this website.
Laboria-Fix does not collect personal information on this site unless the user provides their contact information for marketing purposes. Such information will be held in confidence.
Laboria-Fix will only utilise personal information for the purposes for which it is provided for.
Laboria-Fix will not make personal information of any user available to any third party unless this is necessary for the purposes for which the user provided the information.
Conclusion
This Manual will be updated from time to time. Ay suggestions or comments to improve this manual can be sent to:
info@laboria-fix.co.za
Related Forms
Objection to the Processing of personal information in terms of Section 11(3) of the protection of personal information act, 2013 (Act No. 4 of 2013)
Email
Request for correction or deletion of personal information or destroying or deletion of record of personal information in terms of section 24(1) of the protection of personal information oct, 2013 (Act No. 4 of 2013)
Email
Application for the consent of a data subject for the processing of personal information for the purpose of direct marketing in terms of section 69(2) of the protection of personal information act, 2013 (Act No. 4 of 2013)
Email
Complaint regarding interference with the protection of personal information/complaint regarding determination of an adjudicator in terms of section 74 of the protection of personal information act, 2013 (Act No. 4 of 2013)
Email
Email Address
Supply Email address: