If not, you may be considered at high risk of data breach according to the Australian Privacy Act.
In today’s world of cloud computing, portable storage devices, electronic databases and hackers, the parameters around data security and document storage have shifted immeasurably from when the Act was first introduced. Data security has emerged as a major challenge for organisations. But how does that affect you?
• You must ensure that you have implemented sufficient information-security measures.
• You must also have contingency plans to be put in place in the event of a data breach so that if a data breach occurs it can be dealt with swiftly enough to mitigate any risk of harm that the breach may cause.
• From March 2014 the Privacy Amendment (Enhancing Privacy Protection) Act also imposes new obligations in terms of information collection and storage, as well as enforcing large fines on individuals and companies who breach the Act. Such is the nature and scope of information collection and storage, the changes also affect and modify other laws, such as employment obligations and credit reporting requirements.
The Australian Privacy Principles (APPs) contained in the Act regulate the handling of personal information by certain private sector organisation and are concerned with the collection, use, disclosure and storage of personal information. There are also separate APPs that deal with the use and disclosure of personal information for the purpose of direct marketing, cross-border disclosure of personal information and the adoption, use and disclosure of government related identifiers.