Privacy Act 2020 and what it means for your IT Systems

The updated Privacy Act 2020 came into effect on 1 December 2020

The Privacy Act 2020 is an update to the previous Privacy Act 1993, which provided the principals and guidelines on how organisations need to treat the Personal Information that they collect,
store and use. It is important that everyone in the organisation knows what is expected of them when dealing with other people’s personal information, from staff and volunteers who may be collecting and entering data, to directors and trustees who need to ensure the IT systems in place are robust and secure.

The organisation needs to have appropriate policies and procedures in place, so that any information is safe, secure and used appropriately.

Some of the updates to the Act include:

Mandatory Breach Notifications
You must notify both the privacy commissioner and the affected party if you have a data breach

Compliance Notices able to be issued by the Privacy Commissioner
To require organisations to comply with the Act

Penalties and Fines
For acting improperly with collecting or using personal information

International Protection
With overseas companies that do business in New Zealand now specifically having to comply with our Act, and New Zealand organisations only being allowed to disclose information to overseas organisations if they have similar levels of protection to ours.

We are currently running an introductory online webinar, plus a full-day workshop on this topic

Online Webinar

The online webinar for the Privacy Act 2020 provides an introduction to the Privacy Act in general and the what has changed in the 2020 update.  

It then looks at what this means to the IT systems and how this fits with the overall IT Risk Management in your organisation.

The webinar also provides some top tips on how to avoid a data breach in your organisation and some simple things to do to make your systems more secure.

In-Person Workshop

The in-person workshop looks at what you need to do to secure the Personal Information that you collect, store and use in your organisation.  

It will step you through the process of identifying what you need to protect and what all the risks are. You will then be shown how to analyse and assess the risks, determine your risk appetite and work out the appropriate risk responses.  

All attendees will receive a toolkit of templates and resources that can be used to document a full Risk Report and Treatment Plan.

What you will learn

Review of updated Privacy Act 2020

Review of the People, Processes and Tools in the organisation.

Identify all of the information assets within the organisation.

Identify the risks to the data within the organisation.

Analyse and rank the risks.

Determine you Risk Appetite.

Identify risks that need mitigation steps.

Document a risk report with recommended steps.

Are you interested in attending a Privacy Act 2020 Workshop? Fill out the form below and we'll be in touch soon.

{{errors.first('rs-851f-f4e6-225e', 'rs-851f-0875-841b')}}
{{errors.first('rs-851f-f4e6-2f84', 'rs-851f-0875-841b')}}
{{errors.first('rs-851f-f4e6-744e', 'rs-851f-0875-841b')}}
{{errors.first('rs-851f-f4e6-5a5d', 'rs-851f-0875-841b')}}
{{errors.first('rs-851f-f4e6-62bd', 'rs-851f-0875-841b')}}

Thank you for your message - we will be in touch shortly.