SHEQ24 FAQ: OHS Act, POPIA & ISO Compliance.

Medical surveillance data undergoes Field-Level Encryption (FLE). Access is strictly governed by Role-Based Access Control (RBAC), meaning only appointed Occupational Medical Practitioners (OMPs) and authorised HR personnel can view sensitive clinic histories. Site supervisors and security personnel see only a compliance status indicator — never the underlying medical data.

You retain 100% ownership of your data at all times. We provide open APIs and bulk export functionality allowing you to retrieve your complete database, documents, and audit trails in standard formats. There are no data lock-in clauses.

The platform includes built-in data subject request workflows. When an employee or contractor submits a POPIA access or deletion request, the system routes it to your designated Information Officer with a tracked response deadline. Automated data destruction schedules ensure that personal information is not retained beyond its lawful purpose.

Our onboarding team handles the heavy lifting. We map your existing HIRA registers, Asset Registers, Employee lists, and Training matrices via structured CSV sanitisation processes. Our data architects validate the imported data against your operational structure before go-live, ensuring zero historic data is lost during the transition.

Depending on the complexity of your legacy data and the number of modules deployed, complete system handover typically occurs between 4 to 8 weeks. We phase the rollout to prioritise your highest-liability modules first — typically Risk, Incident, and Documents — before expanding to the full platform. We do not disrupt your active production environment during this phase.

Yes. Our architecture supports secure API handshakes with major South African-used ERP systems to synchronise employee payroll data, cost centre structures, and live asset directories. This eliminates duplicate data entry and ensures your compliance records always reflect your current organisational structure.

Absolutely. You do not need to deploy all 24+ modules on day one. Our enterprise architects will conduct a liability assessment of your current compliance posture and recommend a phased implementation plan that addresses your highest-risk areas first. Most clients begin with Risk, Incident, and Documents, then expand to People and Assets modules as adoption matures.

Yes. The SHEQ24 mobile application is built on an Offline-First architecture. Supervisors can complete audits, log hazards, capture incident reports, and trigger NCRs entirely offline. The app caches all data with full encryption and automatically synchronises with the main server the moment Wi-Fi or LTE connectivity is restored. GPS coordinates are captured at the time of the action, not at sync time.

Yes. The platform includes a dedicated Contractor Portal aligned to Section 37.2 of the OHS Act. Contractors can upload their safety files, competency certificates, medical fitness records, and Letters of Good Standing directly to the portal before arriving on site. Your safety team reviews compliance status digitally, and site access can be automatically blocked for contractors with expired documentation.

SHEQ24 is architected for multi-site enterprise operations. Each site can have its own risk registers, inspection schedules, and compliance calendars, while executive management retains a consolidated view across all facilities. Role-Based Access Control ensures that site-level users only see their own data, while group-level managers have cross-site visibility.

Yes. When an injury on duty (IOD) is logged in the Incident module, the system automatically populates the DoL Annexure 1 form using the injured employee's profile data, the incident details, and the employer's registered information. The completed form is available for immediate submission to the Compensation Fund, with a deadline tracker ensuring the seven-day reporting window is not missed.

SHEQ24 creates an immutable, timestamped audit trail of every compliance action taken across the organisation. In the event of a DoL investigation following a serious incident, your legal team can immediately produce evidence showing that risk assessments were current, employees were trained and medically fit, equipment was maintained, and supervisors were conducting regular inspections. This is the 'reasonably practicable' evidence chain that Section 16(1) defence requires.

Yes. The platform includes specific workflows for construction-sector requirements, including Health and Safety Plans, baseline risk assessments for construction activities, and contractor management aligned to the Construction Regulations. The Appoint module manages the mandatory appointment of Construction Health and Safety Officers and Agents.