Advocating improvements in your privacy practices
There are 2 key types of Privacy Risk
Compliance risk (breaking privacy law)
Reputational risk (breaking organisational trust).
It is widely recognised that it is the second of these that is the most significant, as loss of trust from your customers can swiftly put you out of business.
Simple – the New Zealand Privacy Act 2020. Nearly 30 years ago, New Zealand was at the forefront of Privacy legislation, with the world leading Privacy Act 1993 however a lot has changed over the last 27 years in terms of how data is handled; the internet, mobile phones, apps, social media, cloud computing all have had a huge impact on how personal data is collected stored, shared and used. So what data is subject to Privacy laws?
First & Last Name
Home & Mobile Phone Numbers
Physical & Mailing Addresses
Personal & Professional Relationships
Not really. But they are related. Data privacy is focused on the collection, use and governance of personal information (PI)—things like putting policies and practices in place to ensure that personal information is being collected, shared and used in appropriate ways and that it is clear how your organisation is handling peoples data.. Security focuses more on protecting data from malicious attacks and the exploitation of stolen data for profit. While security is necessary for protecting data, it’s not sufficient for addressing privacy.
The process of reviewing existing privacy practice and enhancing it to ensure compliance with the upcoming Privacy Act 2020.
A privacy impact assessment (PIA) is a tool used by organisations to help identify and assess the privacy risks arising from their collection, use or handling of personal information. A PIA will also propose ways to mitigate or minimise these risks.