If your organisation is collecting personal information about people; be that staff, customers or vendors, you have responsibilities as it relates to the information you hold on them. Every organisation has obligations under the privacy act and it's easy to not meet those obligations when it comes to technology and IT systems. Let's say you have a customer database, or you have a payroll system, or perhaps a system that your clients login to, well you now have information about people and now you have obligations around how you are collecting that information, looking after that information and destroying it. The Privacy Commission has a great site describing your obligations here, worth a read! You'll see there are 13 principles that need to be considered. All of this raised a bunch of questions right?
So now that you know you might have a problem how do you solve it? Let's unpack some of these things but the good news there is a great tool that you can use to assess any dataset / system for its compliance with the 13 principles in the privacy act! That great tool? A Privacy Impact Assessment or PIA. This is a document that looks at various areas to help you assess whether you are treating your data in accordance with the Privacy Act and helps you identify additional actions you need to take to get into compliance. So what do we need to look at? There are five areas around a data set / system:
All a little overwhelming right? Well... The good news!Resolution8 has been writing Privacy Impact Assessment with our clients since we started, we know what we are doing and can help you with your challenges. We offer fixed priced privacy impact assessments, so reach out to us and we can help you workout if you need to complete a PIA or perhaps your all good!
0 Comments
|
AUTHORS.
Peter Gilbert is the Director of Resolution8 and has a passion for good project delivery. ARCHIVES.
October 2024
CATEGORIES. |