Records Management and the Law
 By Matshediso Dlamini
 Auditor General of South Africa
 28 November 2012
Introduction
 Records Management is affected by various laws in
various ways.
 Over 800 laws regulate recordkeeping.
 About 200 of these laws are applicable in the public
sector.
 No consolidated recordkeeping laws in South Africa.
 Compliance is challenging.
 All record management professionals should know
the legislation.
So why go to the trouble?
 Reason 1
 all entities concerned with good governance must
comply with the law.
 Almost all legislation contains a number of record
retention obligations.
 Legislation is one of the major drivers of the demand for
the services
So why go to the trouble?
 Reason 2
 effective record retention management usually
translates into a significant cost saving.
 to avoid saving and archiving more records and data
than is required by law.
So why go to the trouble?
 Reason 3
 All organisations are subject to policies and legislation
aimed at the transformation of the country’s economy.
 Legislation impacts on employment practices
Questions?
 Is your organisation certain of the records management
legislation that affects it?
 Do you ever feel as though your outsourced off site storage
costs are high?
 Can you easily locate records you require within your
organisation?
 Would you find it difficult to provide an individual with a
complete report of all the information your organisation holds
on him/her?
 Is there a records classification system within your organisation?
 Does your organisation have a clear understanding of who has
the authority to request records from them?
 Does your organisation have a records retention schedule?
Regulatory Records Management
framework in SA











Constitution of the Republic of South Africa, 1996
NARSA (Act No. 43 of 1996)
PAIA, 2000 (Act No. 2 of 2000)
PAJA(Act No. 3 of 2000)
PFMA(Act No. 1 of 1999)
MFMA (Act No. 56 of 2003)
Companies Act (No. 71 of 2008)
ECTA(Act No. 25 of 2002)
MISS(1996)
POPI Bill
POI Bill
Constitution of South Africa (1996)
 Sections 141 and 195 (1) (f) of the Constitution of South
Africa (1996) determine that governance should be
accountable and transparent  Section 195 provides amongst others for the:
 effective, economical and efficient use of resources;
provision of timely, accessible and accurate information; and
requires that the public administration must be accountable.
 can only be achieved if information is managed in a manner
that facilitates this accountability.
NARSA(no. 43, 1996) as amended,
and Provincial Archival legislation
 promulgated in terms of Schedule 5 of the Constitution to
 to enable the early identification of public records that are
part of the archival heritage.
 govern the way in which records are created, managed and
cared for in all governmental bodies.
 Provides for the National and Provincial Archivists to
determine the conditions subject to which records are
created.
 Provides for the appointment of a records manager to
manage the records of public bodies.
Promotion of Access to Information
Act (PAIA)
 provides the framework and procedures for citizens’
exercise of their constitutional right to information
 promote transparency, accountability and effective
governance by empowering and educating the public
 To understand and exercise their rights
 To understand the functions and operations of governmental
bodies
 To effectively scrutinise and participate in the decision making
processes of government that impacts on their rights
 All bodies are obliged to provide information to the public
PAJA
 The purpose of the Act is to ensure that
administrative action is lawful, reasonable and fair
and properly documented.
 public servants are obliged to create records that are
authentic and reliable to serve as evidence of
decisions and actions.
 Those that fail to create proper records of integrity
might not be able to prove that their actions and
decisions were fair and lawful.
PFMA (no. 1 of 1999) and MFMA (no.
56, 2003)
 The objectives of the Act are to
 regulate financial management in the public sector
 to prevent corruption by ensuring that all governmental
bodies manage their financial and other resources properly.
 PFMA Section 36(2) provides for the head of a public
sector department to be the accounting officer for that
department and one of the responsibilities of this officer is
to keep full and proper records of the department’s
financial affairs in accordance with generally recognised
accounting practices.
PFMA (no. 1 of 1999) and MFMA (no.
56, 2003)
 PFMA Section 40(1) states that the accounting officers of
governmental bodies are also required to keep full and proper
records of the financial affairs in accordance with prescribed
norms and standards.
 Without sound records management, and without complete
records, senior managers will not be able to present reliable and
accurate financial statements to the Auditor-General.
 (MFMA) The municipal manager must ensure that full and
proper records of the financial affairs of the municipality are
kept in accordance with any prescribed norms and standards
and must ensure reasonable protection of the assets and
records of the municipality.
Companies Act (no. 71, 2008)
 not specifically designed to regulate records-keeping
practices in private bodies,
 obliging private companies to keep specific types of
records in an accessible form for a specific period of
time,
 the Act also regulates access to company records in
conjunction with the Promotion of Access to
Information Act, 2000.
Companies Act (no. 71, 2008)
 Under this act, companies are obliged to keep the
following records:
 Incorporation records (Indefinitely)
 Information regarding directors (7 years)
 Access to information – in accordance with PAIA
 Accounting records
 Records of all liabilities and obligations
 Records of all revenue and expenditures
 Reports (7 years)
 Minutes of directors and committee meetings (7 years)
ECTA
 enable and facilitate electronic communications and
transactions
 acknowledge the importance of such information for
economic and social prosperity
 promote legal certainty and confidence in electronic
communications and transactions
 promote e-government services and electronic
communications and transactions
 to give legal recognition to data messages
 aimed at ensuring that records created in or converted to
electronic form are created, managed and stored in
trustworthy electronic systems
MISS
 Information security deals with the protection of
information, in its electronic and paper-based forms,
as it progresses through the information lifecycle for
capture, processing, use, storage, and destruction.
 Minimum Information Security Standard provides for
records to be classified according to their levels of
sensitivity.
POPI Bill no. 9, 2009
 Personal information is any information capable of
identifying an individual, such as medical records, tax
records, census records, bank records, information on
purchasing habits and property ownership.
 The purpose of POPI is to lay down guidelines regarding
the collection, storage and processing of personal
information by the public and private sectors.
 The right to privacy is enshrined in Section 14 of the
Constitution as well as in Chapter VIII of the ECTA and
Chapter IV of PAIA.
POI Bill no 28, 2008
 The purpose of this Bill is to design a coherent
approach to the protection, classification and
declassification of government information.
 The intention is to work in conjunction with archival
legislation to manage and preserve records and
protect national security.
 This Bill defines a much wider area of responsibility
for proper information management than the NARS
Act and its provincial equivalents
Questions /Comments
Thank You!