Start main page content

Data Protection and POPIA

Application Form
Complete Online Application Form at

Start Date
15 July 2024

Apply By
21 June 2024


Duration & Format
This is a semester-long course where participants attend evening lectures from 17:30 to 19:00 once a week during the period 15 July to 22 October 2024. Exams will take place between 30 October to 26 November 2024. Courses might be delivered through blended learning. Students are required to have basic computer skills and stable internet connection.

Data protection has become a fundamentally important part of modern life as more and more of contemporary life is played out and experienced over the internet. South Africa has introduced the Protection of Personal Information Act (POPIA) to regulate data privacy. POPIA incorporates many of the General Data Protection Regulation (the GDPR) features, which is the European Regulation in the field. The Data Protection and the Protection of Personal Information Act (POPIA) postgraduate certificate course will enable participants to apply the principles in POPIA in a practical context.

Course Outcomes
On completion of the course, participants should be able to:

  • Critically assess modern data protection law and understand the limitations of both POPIA and the GDPR;
  • Apply the principles and provisions in POPIA to problems that arise when personal data is processed; and
  • Solve problems that involve the application of POPIA to real-world situations.

Course Content
The course will cover the following topics:

  • Introduction and background to data protection;
  • International perspective on Data Privacy and the General Data Protection Regulation (GDPR);
  • POPIA:

              -   Introduction to the Protection of Personal Information Act (POPIA)
              -   Lawful processing conditions in the POPIA
              -   The Common Law of Privacy
              -   The Information Regulator and regulatory challenges;

  • Introduction to Protection of Access to Information Act;
  • Grounds of refusal, public interest under PAIA and POPIA;
  • Introduction to the Regulation of Interception of Communications Act (RICA);
  • The Constitutionality of the RICA; and
  • Overview of data protection law and its limitations.

Target Audience
Data protection officers, compliance officers, legal advisors, and individuals responsible for managing personal information.

Application Process
The course is open to anyone with a tertiary education. Applicants with relevant work experience may also be admitted in exceptional circumstances.

You will be required to submit a copy of your Bachelor’s Degree, academic record as well as a copy of your identity document or passport.

A detailed Curriculum Vitae will be required if your application is based on work experience.

Kindly note that all foreign qualifications must be submitted with a SAQA Evaluation Letter.

Additional Information
The following certificates can be obtained:

  • Certificate of Competence: To obtain a certificate of competence, students are required to attend and participate in 75% of the lectures and to complete the assessments as required in the course. 
  • Please note that a Certificate of Attendance is not available for this course.

This postgraduate certificate course is accredited by the university in accordance with its statutory mandate.  It does not lead to a qualification registered on the National Qualifications Framework

Mahlatse Masemola Tel No: +27 11 717 8438; Email 
Ursula Dillner-Dangor Tel No: +27 11 717 8435; Email: