Privacy breaches are commonplace. As an organisation, you must ensure you are following procedures: storing your customers’ personal information securely and using it only for its intended purpose. In this blog, we talk about the costly realities of a privacy breach, your responsibilities and how we can assist.
Learn from others
Recent events show how important it is to have a process in place. For example, more than 100 kindergartens and 11 schools were impacted by a ransomware attack not long ago. The Waikato DHB was attacked in a similar incident, which resulted in over 4,000 patients’ information being shared on the web.
Thankfully the right steps were followed and the situation was promptly remedied. The flip side is that if they hadn’t, they could have been fined upwards of 10 thousand dollars.
If something were to go wrong and you had no procedures in place, it could cost you money and in turn damage your reputation.
Andrew Hampton, Director General of the Government Communications Security Bureau, says ransomware attacks are moving up the supply chain. He adds that attackers target software suppliers rather than individual companies, which results in a much wider impact. He also noted that national organisations in New Zealand are attacked by cybercriminals, on average, once a day.
Public, private, and non-profit sectors can be affected by privacy breaches. As a business owner, you must have a policy in place and ensure your procedures are in line with the law.
Changes to the Privacy Act came into force on 1st December 2020. That means you are required to follow a strict set of rules when handling personal information, including:
- Collecting personal information
- Holding personal information
- Using and sharing personal information
In addition, there are different privacy rules for specific industries that you may need to be aware of.
How we can help you
We’re here to help your business be legally compliant with the Privacy Act amendments.
We will work with you to:
- Ensure you are compliant by exploring each part of your internal practices
- Assess your business documentation such as your Terms and Conditions of Trade to confirm your business is protected