Privacy laws are gradually being strengthened around the world in the face of a growing market for personal data.
The EU introduced a broad reaching data privacy protection scheme with GDPR and Australia has sought to increase penalties for significant data breaches.
New Zealand will soon join these ranks with amendments to the Privacy Act 1993 to ensure personal information is both secure and accessible to those who have handed it over.
Before the end of 2019, the New Zealand Government is looking to introduce requirements for business to report serious privacy breaches, i.e. those in which leaked personal information could carry a risk of harm to individuals.
Businesses will not be able to destroy or withhold personal information it has collected in the event someone requests a copy of their personal information. Any overseas-based service providers used by New Zealand businesses will also need to comply with New Zealand privacy laws.
While the response to the proposed new amendments to the Privacy Act will depend on how your business collects, stores and disposes of data, the Government recommends each business appoints a Privacy Officer to understand and manage these processes.
A good way to start getting prepared is to make sure you are currently on the most up to date versions of your operating systems and business, payroll and ERP software. This would mean that any new security updates could be applied more effectively.
The New Zealand Government website provides more guidelines for implementing and managing data privacy procedures, as well as online learning modules to help familiarise your staff with best practices.