Working in Privacy Overview and Information Officer

This page explains how to run the core Privacy overview routes in the current VerityLaw UI, including the processing-activity register and the Information Officer administration pages.

Product: VerityLaw
Module: Privacy Overview
Role: Information Officer, deputy officer, privacy operator, department lead
Difficulty: Beginner
Time: 10 to 15 minutes
Last Updated: 2026-03-10
Version: Current repo baseline

Before You Start

• Confirm you are in Privacy & Compliance in the sidebar.
• Know whether your task is dashboard review, register maintenance, officer designation, or operator maintenance.
• Keep organisation information ready before editing Information Officer or operator records.

What does this module cover?

This manual covers the current Privacy overview routes:

• Privacy Dashboard
• Data Map
• Data Flow Map
• Information Officer
• Compliance Health
• Operators

Important navigation note

The sidebar shows both Privacy Dashboard and Data Map. They are not the same route:

• Privacy Dashboard is the high-level compliance overview.
• Data Map opens the processing-activity register at /dashboard/privacy.

Use the Privacy Dashboard first

1. Open Privacy Dashboard.
2. Read the POPIA Compliance Score banner.
3. Review the top summary cards:
   • Processing Activities
   • Active Consents
   • Pending DSRs
   • Open Breaches
   • Completed Assessments
4. Review the additional sections if they are populated:
   • Consent Health
   • Data Subject Requests
   • Recent Breaches
5. Use the Quick Actions tiles if you need to jump directly into:
   • Register Processing Activity
   • New DSR
   • Report Breach
   • PAIA Appeals

Maintain the Data Map register

Review the register

1. Open Data Map.
2. Check the top counters:
   • Total Activities
   • High Risk
   • Pending Review
   • Cross-border
3. Review each processing activity row for:
   • Activity
   • Organisation
   • Purpose
   • Legal Basis
   • Status
   • Cross-border
4. Use Edit or Delete where required.

Create a new processing activity

1. Click New Activity.
2. Complete Activity Details:
   • Activity Name
   • Purpose
   • Legal Basis
   • Description if needed
3. Complete Data Details:
   • Data Categories
   • Data Subjects
   • Recipients
4. Complete Cross-border & Retention:
   • Cross-border Transfers
   • Transfer Countries if applicable
   • Retention Period
   • Review Date
   • Security Measures
5. Click Create Activity.
6. Confirm the activity returns to the main register.

Use Data Flow Map for review, not editing

1. Open Data Flow Map.
2. Review the summary cards:
   • Processing Activities
   • Data Subject Types
   • Third-Party Operators
   • Cross-Border Transfers
3. Read the four visual columns:
   • Data Subjects
   • Processing Activities
   • Data Categories
   • Third Parties
4. If cross-border transfers exist, review the highlighted country list at the bottom.

Honest scope note

Data Flow Map is a visual review screen. It does not expose create, edit, or delete actions.

Maintain Information Officer details

Review current officer details

1. Open Information Officer.
2. Check the organisation section:
   • Organisation Name
   • Contact Email
   • Contact Phone
   • Manual Status
3. Check the officer section:
   • Information Officer Name
   • Deputy Information Officer

Designate or update the officer

1. Click Designate Officer or Edit.
2. Enter:
   • Information Officer Name
   • Deputy Information Officer Name
3. Click Save Changes.
4. Confirm you return to the Information Officer page.

Honest scope note

If no PAIA manual exists yet, saving officer details creates a draft PAIA manual automatically. The page manages names and linkage to the manual; it is not a full regulator-submission workflow.

Use Compliance Health for approval work

1. Open Compliance Health.
2. Review the dashboard metrics:
   • Processing Activities
   • Active Consents
   • Open Breaches
   • Pending DSARs
   • Training Completion
   • Policy Acknowledgement
3. If Pending Impact Assessments are listed, review the row details.
4. Click Approve or Reject for each assessment that is ready for decision.

Honest scope note

This page is a health dashboard with impact-assessment approval buttons. It is not a full remediation workspace.

Manage Operators

Review the operator register

1. Open Operators.
2. Review:
   • Name
   • Registration No.
   • Contact Person
   • Email
   • Status
   • Risk Rating
   • Last Audit

Add a new operator

1. Click New Operator.
2. Complete Operator Details:
   • Operator Name
   • Registration Number
   • Risk Rating
   • Contact Person
   • Email
   • Phone
   • Country
   • Address
3. Complete Processing Details:
   • Services Provided
   • Data Categories
   • Security Measures
4. Save the operator.
5. Confirm it appears in the register.

Honest scope note

The current operator workflow supports create and list views. A visible operator edit route is not exposed from the current navigation tree.

Common mistakes to avoid

"I updated the Privacy Dashboard, so the Data Map must also be updated"

Why this happens: The dashboard is a summary surface. The source register is Data Map.

Fix: Make register changes in Data Map, then return to Privacy Dashboard to review the effect.

"Information Officer means the full PAIA manual is complete"

Why this happens: Officer details and PAIA manual status are related, but they are not the same thing.

Fix: Update officer names here, then use the PAIA pages in Working in Consent, DSAR, and PAIA for manual and request reporting.

What's Next

• Working in Consent, DSAR, and PAIA
• Working in Risk, Breach, and DPA

Related Pages

• Compliance Operations
• Finding the Right VerityLaw Screen
• Functionality Gap Map

Still Stuck?

• Return to VerityLaw Module Manuals.
• Use Working in Consent, DSAR, and PAIA if your next step is request handling.
• Contact support: support@veva.co.za

Was this page helpful? [Yes] [No]