Legal

PAIA Manual

Manual prepared in terms of section 51 of the Promotion of Access to Information Act 2 of 2000 (PAIA), read with the Protection of Personal Information Act 4 of 2013 (POPIA).

Last updated: 14 June 2026

This manual is published in terms of section 51 of the Promotion of Access to Information Act 2 of 2000 (PAIA). It tells you what records SentinelHC holds and how you may request access to them. Since POPIA amended PAIA, this manual also sets out how SentinelHC processes personal information and how you may exercise your rights as a data subject.

Every private body in South Africa is required to have a PAIA manual and to make it available to the public. The small business exemption that previously applied fell away at the end of 2021, so this manual applies in full.

1. Particulars of the private body

Name of body: SentinelHC (Pty) Ltd

Registration number: 2026/278247/07

Physical and postal address: 41 Brackenhill Road, Waterfall, Durban, 3652

Telephone: available on request by email

Email: info@sentinelhc.co.za

Website: www.sentinelhc.co.za

SentinelHC provides complete compliance documentation and ongoing compliance support for South African healthcare practices, currently specialising in dental practices, with expansion into other practice types in progress.

2. The Information Officer

All requests for access to records and all queries relating to this manual must be directed to the Information Officer.

Information Officer: Charles Stainbank

Registered with the Information Regulator: registration number 2026-018764

Email: info@sentinelhc.co.za

3. The Guide on how to use PAIA

The Information Regulator has, in terms of section 10 of PAIA, compiled a Guide that explains how to use the Act to request access to information. The Guide is available in all official languages and may be obtained from the Information Regulator.

The Information Regulator (South Africa)

JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001

Email: PAIAComplaints.IR@inforegulator.org.za

Website: www.inforegulator.org.za

4. Records held by SentinelHC

The following categories of records are held by SentinelHC. Listing a category here does not mean it will automatically be released, access is granted in accordance with PAIA and may be refused on the grounds set out in the Act.

Client and enquiry records

  • Compliance evaluation submissions and reports
  • Client intake information and the compliance documentation we prepare
  • Correspondence with clients and enquirers
  • Service agreements, invoices, and payment records

Internal business records

  • Company statutory records and registration documents
  • Financial, accounting, and tax records
  • Supplier and service-provider records
  • Marketing material, website content, and subscriber lists
  • Operational policies and internal procedures

5. Records accessible under other legislation

Certain records are also held or made available in terms of other legislation, including but not limited to:

  • Companies Act 71 of 2008
  • Income Tax Act 58 of 1962 and the Tax Administration Act 28 of 2011
  • Value-Added Tax Act 89 of 1991, where applicable
  • Protection of Personal Information Act 4 of 2013
  • Basic Conditions of Employment Act and Labour Relations Act, where staff are employed

6. How to request access to a record

To request access to a record held by SentinelHC, you must:

  • Complete the prescribed request form (Form 2 of the PAIA Regulations) for a request to a private body
  • Submit it to the Information Officer at info@sentinelhc.co.za
  • Provide enough detail to identify the record and the form of access required
  • Identify the right you are seeking to exercise or protect, and explain why the record is required to exercise or protect that right
  • Provide an address and contact details, and state whether you wish to be informed of the decision in any manner in addition to writing

The Information Officer will respond within 30 days, as required by PAIA. This period may be extended in the circumstances allowed by the Act, in which case you will be notified. Access may be refused on any of the grounds set out in PAIA, including the mandatory protection of the privacy of a third party and the commercial information of a third party. Where a request is refused, you will be given written reasons and informed of your right to appeal or to approach the Information Regulator or a court.

7. Fees

The fees prescribed in the Regulations to PAIA apply to requests made to a private body. These may include:

  • A request fee, payable when the request is submitted
  • An access fee, calculated on the time taken to prepare the record and the format in which it is provided
  • A deposit, where the preparation of a record is expected to take longer than the prescribed time

The current prescribed amounts are available from the Information Officer on request and from the Information Regulator. A requester will be notified of the fees payable before a record is prepared or released.

8. Processing of personal information under POPIA

SentinelHC is a responsible party under POPIA and is registered with the Information Regulator. We process personal information lawfully and only for legitimate, clearly defined purposes.

Purpose of processing

  • To assess a practice's compliance status and provide an evaluation report
  • To deliver compliance documentation and services to clients
  • To administer our client relationships, including invoicing and support
  • To send compliance updates and marketing where consent or a legitimate interest exists

Categories of data subjects and personal information

  • Practice principals and staff: name, practice name, email, telephone, location, and compliance-related responses
  • Suppliers and service providers: contact and account details

Recipients and cross-border transfers

We share personal information only with the service providers needed to run our business, including Google, Netlify, and, once the client portal launches, Supabase. Some of these providers store data outside South Africa, and we take reasonable steps to ensure your information remains protected to a standard consistent with POPIA.

Security safeguards

We apply appropriate technical and organisational measures, including encrypted transmission, access controls, and secure, access-controlled storage, to protect personal information against loss, unauthorised access, and misuse.

Your rights as a data subject

  • To request access to the personal information we hold about you
  • To request correction or deletion of your personal information
  • To object to processing for direct marketing
  • To lodge a complaint with the Information Regulator

Full detail on how we handle personal information is set out in our Privacy Policy.

9. Availability of this manual

This manual is available free of charge on our website at www.sentinelhc.co.za, and on request from the Information Officer. It is also available for inspection at the Information Regulator.

10. Updates to this manual

This manual will be updated when SentinelHC's circumstances or the law change. The "Last updated" date at the top of this page reflects the most recent version.

For any request or query relating to this manual, contact the Information Officer at info@sentinelhc.co.za.