Information Officer and Deputy Information Officer Appointment and Delegation
Legal Requirement for Appointing an Information Officer
The POPI Act / POPIA has contained a requirement for the appointment of an Information Officer since it was signed into law in 2013 within the context of assigning Accountability (Condition 1 in the Act) for implementing and maintaining compliance measures.
The Promotion of Access to Information Act (PAIA) of 2000 also has a requirement for an Information Officer to be appointed.
POPIA and PAIA both include requirements for the Information Officer role for public bodies and private bodies i.e. government organisations and private/commercial organisations.
Information Officer Appointment – Who should the Information Officer be?
From a POPI Act / POPIA perspective, the Information Officer in an organisation is the Designated Head e.g. the CEO in a commercial organisation and a Director General, Principal Officer or similar role in a government organisation. In the Guidance Notice for Information Officers and Deputy Information Officer it also states the head of the organisation may authorise any other person to fulfil the role.
POPIA and PAIA both make provision for one or more Deputy Information Officers to be appointed to carry out the duties for ensuring compliance. It is important to note that the delegation or appointment of a Deputy Information Officer does not transfer accountability for compliance. The head of the organisation remains accountable for ensuring compliance irrespective of who is appointed as the Information Officer or Deputy Information Officer.
Appointment of Information Officer and Deputy Information Officers.
Information Officer
Information Officer – The appointment should be in writing using an appointment document. It should be signed by the person making the appointment and the person who is being appointed. Examples are:
- Where the CEO is being appointed, the appointment should be made by a Board Member or through a resolution in an appropriate committee, for example an EXCO meeting.
- Where the CEO is appointing another person, for example a Chief Operating Officer, the appointment should be made by the CEO.
Deputy Information Officers
PAIA requires that one or more Deputy Information Officers should be appointed in order to ensure that the function is easily available to persons wishing to raise request for information and for providing guidance to requesters. Further requirements are:
- It is recommended that a Deputy Information Officer should report to the highest management office within a Body. This means that only an employee at a level of management and above should ideally be considered for designation as a Deputy Information Officer of a body.
- The Deputy Information Officer appointment should be in writing using an appointment document. It should also be incorporated into the DIO’s job description.
- The Deputy Information Officer must be an employee of the organisation and must be based in South Africa in a multi-national organisation.
- A Deputy Information Officer should have a reasonable understanding of the business operations and processes of a body. An employee(s) with institutional knowledge is preferred for designation as a Deputy Information Officer(s).
For information about the duties and responsibilities of these roles, pleas read the article called Duties and Responsibilities of the Information Officer and Deputy Information Officer here.