As of the 1st of December the Privacy Act 2020 will be introduced and this will impact all of us within New Zealand. What does this mean for you? Perhaps the biggest aspect of the new legislation is that compliance is now compulsory. Previously, compliance within the Act has been good practice. From the 1st December 2020 harsh penalties will apply for non- compliance.
All “agencies” that hold personal information will need to comply with the new Act. The term “agency” applies to any business or organisation that holds personal information. This affects all our businesses through our customers and employees so we are effectively an “agency”. What this means for agencies is that they need to appoint a Privacy Officer within their organisation, which carries responsibilities and accountabilities within that position. They need to have a Privacy Policy in place and understand what they need to do if a privacy breach occurs.
Agencies need to make sure that their staff and contractors know their responsibilities under the Act especially around the thirteen privacy principles. They need to know what to do if an individual requests access to personal information that is held by an agency, and what the deadlines are for doing so.
Fines will be levied for agencies that are non- compliant. Failure to notify the Privacy Commissioner of a privacy breach if it has caused serious harm, or is likely to do, is an offence and any agency in breach of the rules could be fined up to $10,000 as an example.
If a notifiable privacy breach happens, in most instances, the agency will also need to notify all affected people.
Every agency captures and uses data either actively or passively. A range of rules will need to be applied to the collection, storage and use of data.
We all need to ensure that we are ready for the Privacy Act changes, know what their requirements are and comply. You can read more about the Privacy Act Changes and what to do in the links above. (Links in orange)
Don’t risk it, be prepared.
If you are still unaware of what your business needs to do, in regards to these changes, and want to find out more you can contact:
New Zealand Business Tools – [email protected].
Privacy Commission – [email protected] or 0800 803 909.