by John Martin, CISSP, Senior Security Architect, IBM New Zealand
Are you ready for the New Zealand Privacy Act 2020 to come into effect on 1st December 2020? There’s a lot to consider as the clock ticks down and your organisation’s ability to comply is critical if you want to avoid some of the hefty fines involved.
As you align your security strategy with your business, here are some key areas to consider as you prepare:
Reporting privacy breaches immediately
It will be mandatory for businesses to immediately report serious privacy breaches, particularly where a data breach poses a risk of harm; for example, when leaked personal information is used in identity theft or accidentally published online.
The cost of a data breach and the speed at which the breach is identified and contained can be mitigated with a combination of risk assessment, the right security solutions and processes, and partnership with a security provider that can reduce complexity.
If you’re unsure a breach has been committed by your organisation, The Office of the Privacy Commissioner (OPC) has launched NotifyUs. This online tool enables businesses and organisations to assess whether notification of a breach is required.
Who does the new Privacy Act affect?
The new Act will affect all organisations that collect, store and use personal information about their employees and/or customers. This means if someone requests personal information held by a business, the business cannot destroy ..
Support the originator by clicking the read the rest link below.
