2019 Legislation summary of relevant acts

Important legislation applied to estates and their management teams in 2019. Here is a summary of each legislation, its application and what you need to know and have in order to ensure compliance.

The Companies Act

Application: An HOA that fell within section 21 of the old Act

What you need to know/have

Have you: 

• Included NPC as part of the name of the company on all documents, website, correspondence, etc.
• Changed your Articles of Association to a Memorandum of Incorporation aligning it to the new requirements of the Act

The Community Schemes Ombudsman Service Act (CSOSA)

Application: Applies to all stakeholders in a community including members, staff, tenants, directors, suppliers, visitors, etc.

Applies to any community including HOA, body corporate, time share, retirement villages, share block, etc.

What you need to know/have

Do you have:

• A dispute resolution process detailing the various types of disputes, the nature of the dispute, processes to be followed when dealing with a dispute and the parties represented in a dispute
• A clause in your MOI/Constitution/Articles of Association/management rules relating to the dispute resolution process
• Directors/trustees/committee members and staff members who have been trained in the governance issues related to a community scheme
• Clearly stated and accepted governance documents and financial controls

The Protection of Personal Information Act (POPIA)

Application: Any organisation that collects, stores and uses personal information about any individual or groups of individuals

Personal information is classified as any information not visible to the human eye

What you need to know/have

Do you have: 

• An appointed Information Officer (Accountability)
• A policy for dealing with data protection issues (Accountability)
• A record that you have trained your staff in their duties and responsibilities under the Act, and that they are putting them into practice (Accountability)
• A resolution stating what you are going to use collected information for (Specific purpose)

Can you prove: 

• Evidence that the people whose information you hold know that that you have it, and know what it will be used for (Consent)
• When collecting information you ask whether you really need this information about an individual (Minimalist)
• If you have staff details on your website, have you consulted with them about this (Consent)
• If you use CCTV, are the cameras in the right place and are you displaying notices telling people why you have CCTV (Consent)
• If you monitor staff, for example by checking their use of email, have you told them about this, explained why and obtained their consent (Consent)
• You are respecting the rules about special personal information (Special Personal Information)
• The personal information is accurate and up to date (Information Quality)
• Your staff know what to do if another employee or individual member asks for a copy of information you hold about them (Openness)
• The personal information is being held securely, whether it’s on paper or on computer or any other format (Security safeguards)
• Your website is secure (Security safeguards)
• Access to personal information is limited only to those with a strict need to know (Security safeguards)
• If asked to pass on personal information, are you and your staff clear when the Act allows you to do so (Further processing)
• You delete/destroy personal information as soon as you have no more need for it (Effective destruction and retention periods)
• You notify the Information Regulator (Information Officer)
• You are complying with the rules about Electronic Direct Marketing