Leo, Amy Jane2026-07-142026-07-142025https://hdl.handle.net/10566/24969In the rapidly evolving digital era that we find ourselves, the protection of personal information has become somewhat of a paramount concern, with reference to the healthcare sector where sensitive patient data lies at the core of medical care and research. To combat this pressing issue, the South African Government has introduced a comprehensive data privacy legislation in 2013 known as the Protection of Personal Information Act 4, which came into full effect in 2020. This study focuses critical review the implementation of the Protection of Personal Information Act 4 of 2013 (POPIA), within the Western Cape Health Department (WCHD) from 2015 to 2022. This study assesses the department’s efforts in safeguarding personal information and evaluates its compliance with the law. The study examines the historical context of patient data protection within South Africa’s public healthcare system, focusing on the significant shift from paper-based records to electronic health records (EHRs). It further explores the significance of POPIA in the healthcare context, emphasizing its main objective of preserving patient confidentiality, enhancing data accuracy, and strengthening data security within the healthcare network. The study employed a document analysis methodology to gain a comprehensive understanding of publicly accessible records, policies, reports, and materials related to data privacy and security within the Western Cape Health Department.enData protectionWestern Cape Health Department (WCHD)Institutional TheoryInformation GovernanceA critical review of the implementation of the Protection of Personal Information Act in the Western Cape health department: A document analysis (2015-2022)Thesis