Prior Authorisation
The Protection of Personal Information Act (POPIA) requires responsible parties to obtain prior authorisation from the Information Regulator before processing certain types of personal information that may pose a higher risk to the rights of data subjects.
Prior authorisation is required in specific circumstances outlined in section 57 of POPIA, particularly where the processing involves unique identifiers, sensitive personal information, or the linking of information across multiple sources.