[Regulation 4 Heading substituted by Notice No. 6126, GG52523, dated 17 April 2025]
| (1) | An information officer must, in addition to the responsibilities referred to in section 55(1) of the Act, ensure that— |
| (a) | a compliance framework is developed, implemented, monitored and maintained and continually improved; |
[Regulation 4(1)(a) substituted by (4.2) of Notice No. 6126, GG52523, dated 17 April 2025]
| (b) | a personal information impact assessment is done to ensure that adequate measures and standards exist in order to comply with the conditions for the lawful processing of personal information; |
| (c) | [Regulation 4(1)(c) deleted by (4.1) of Notice No. 6126, GG52523, dated 17 April 2025] |
| (d) | internal measures are developed together with adequate systems to process requests for information or access thereto; and |
| (e) | internal awareness sessions are conducted regarding the provisions of the Act, regulations made in terms of the Act, codes of conduct, or information obtained from the Regulator. |
| (2) | [Regulation 4(2) deleted by (4.3) of Notice No. 6126, GG52523, dated 17 April 2025] |
