Are you prepared for the Privacy Reforms?
Late last year the government made a number of changes to the Privacy Act that took effect on 12 March 2014. If your business collects and processes personal or sensitive information, these changes affect you. It is important to prepare your business in order to achieve full compliance and avoid being penalised.
The key changes include:
- A new system of privacy principles, which will significantly affect how private and public sector entities collect and handle personal and sensitive information. Personal information includes name, address, date of birth, driver’s license number, passport number, bank/credit card details etc. Sensitive information includes health records, religious beliefs, criminal record and so on.
- Enhanced enforcement mechanisms; and
- For the first time, the introduction of a civil penalty regime for breaches of privacy.
What can we do to help?
Systemnet has considerable experience in major projects relating to Payment Card Industry Compliance (PCI) and Information Security in general. We are therefore well equipped to review your current processes and help your business make the necessary changes in order to become compliant with the Privacy Act.
We will review the following to ensure compliance:
- Current handling of customer information including electronic and paper records.
- Operating procedures to ensure that they cover the key requirements of the handling of this information.
- Physical security such as employee access to the building, access to computer systems and paper records.
- Storage and backup procedures.
- Disaster recovery and business continuity plans.
- Incident and change management procedures.
- Human resources procedures.
Following the review we will provide you with a report detailing the level of compliance in these areas as well as advice on how to remediate any deficiencies.
If you would like to proceed or require any further information, please contact David Kotze on (02) 9386 2935 or [email protected]