Privacy Compliance – What you need to know

Does your company handle personal information?

IT Partners can help you avoid privacy law breaches by knowing and taking care of your responsibilities.

Privacy is a hot issue, with constant media presence and every company from Xero to Google continually publishing updated policies and perspectives.  But what are the real requirements and risks?  And how can you best protect your business and your customers?

The New Zealand Privacy Act requires that companies have reasonable safeguards against the loss, misuse or disclosure of personal information.

This means you need to ensure you take steps to protect your customer’s information within your own IT system, and in your contractual relationships with IT suppliers such as IT Partners.

If someone gains unauthorised access to your IT system and the personal information of your customers or staff, you may be in breach of privacy law, and subjected to investigation by the Privacy Commissioner who can then publish any findings.  This can severely affect the reputation of your business.

IT Partners take privacy seriously, and fulfil our responsibilities as your IT provider by covering privacy compliance in our standard contract with all our clients.  We do all we can – but there are always parts of your system and certain applications that are out of our control.  We urge you to discuss these with us so we can help you cover off your responsibilities and keep your business and customer information safe.

In practise, the Privacy Act asks that you take appropriate steps to both protect customer information from unauthorised access, and to minimise damage should security be breached.

Your Privacy Compliance Checklist:

  • Know who is responsible for protecting your customers’ information and ensure your contractual arrangements with IT suppliers reflect that responsibility.
  • Identify the IT applications you are responsible for maintaining, and make sure they are kept up to date, and tell us about new applications that are connecting into your data from external vendors
  • Regular audits of your IT security framework should be conducted annually to assess effectiveness.
  • Practice best practice when it comes to Privacy Act compliance by staying up to date with law changes – and ensuring your IT provider does too.

You can trust that IT Partners will prioritise the privacy and security of your information to the best of our ability.  If you’re in any doubt, just give us a shout – we’ll help you out!