BY Stephen Cavey | 24 March 2021
On December 1, 2020, the Privacy Act 2020 took effect in New Zealand. The law guides how organizations gather, use, share and save personal information. The Privacy Act also mandates that organizations must report “serious” data breaches immediately if there is a “risk of harm.” “Risk of harm” refers to any incident in which data has been leaked outside of the organization.
This act will replace the Privacy Act of 1993 and offer more protections for individuals while simultaneously holding businesses more accountable for their data hygiene. The rules within the Privacy Act apply to any data handlers based in New Zealand or organizations that carry out business in New Zealand virtually or collect data on its citizens.
Although data at face value may seem anonymous and innocent, when it ends up in the wrong hands, it can place an individual’s identity at risk. According to New Zealand’s new law, personal information, or PII, is considered any information that provides details about a specific individual, including:
The updated New Zealand Privacy Act is composed of 12 principles that guide organizations toward safer and more effective data usage. Below are the principles outlined in the Privacy Act.
The European Commission has the power to deem countries outside of the EU as having sufficient practices in place to protect European citizens. New Zealand is only one of 12 countries deemed by the EU to offer adequate enough data protection. This means that EU personal data can flow from EU to New Zealand under New Zealand data protection laws without additional protection required. However, the European Commision may also amend or withdraw an adequacy solution at any point, thus giving reason for New Zealand and other countries to be at the forefront of data compliance and protection.
With more consumers turning towards their smartphones to conduct business, access social media, shop, and conduct research over the internet, the New Zealand Privacy Act is a timely and important safeguard for consumer privacy and protection. This law will protect New Zealand citizens regardless of where an organization is located if they are engaging with citizen data.
Ground Labs is poised to adapt to the ongoing global compliance landscape with tailored solutions such as Enterprise Recon. The time is now to get your business up-to-date with the Data Privacy Law.
Ready to learn more? Schedule a meeting with an expert today.
Share this article!
Want to keep up with all our blog posts? Subscribe to our newsletter!
As companies all around the world continue have large portions of their workforce remote, the need to keep their data safe and protected is even more critical. To help companies navigate this new reality and mitigate security risks, we are providing a 90-day complimentary version of our flagship solution—Enterprise Recon. Learn more about it here.
Please submit the form below and we’ll contact you to schedule a discovery call. Want to skip the email? Go here to schedule a meeting directly on our calendar.