New Australian Privacy Principles
New Australian Privacy Principles (APPs) apply from 12 March 2014. Compared to the current privacy laws, the new laws place greater responsibility on organisations to ensure that they have comprehensive and transparent practices, procedures and policies regarding privacy in place.
As such, a review of current privacy policies must be conducted to ensure they are up-to-date and compliant with the new laws, especially in relation to:
- How the company holds, collects and uses personal information;
- The purposes of holding, collecting and using personal information;
- How the company handles complaints in relation to its collection or use of personal information; and
- The deletion of data that is no longer required for business, legal, privacy or regulatory purposes.
Consequences of Privacy Breaches and Non-compliance
The risks associated with data privacy breaches and subsequent non-compliance can have serious implications for an organisation’s financial, reputational and operational activities.
From March 2014, breaches of the Privacy Principles will not only damage a company’s reputation if reported publicly, but also carry fines of up to $1.7 million. Furthermore, the company risks exposure of confidential personal or business information (both internally via a potentially disgruntled employee and externally through cyber attacks) and a reduction in the capacity to perform its operational functions or activities.
Is Your Business Covered?
As the volume and complexity of electronic data increases, so do the challenges associated with how that data is collected, managed, stored and protected. The tough penalties enforced for data breaches are not covered by standard business insurance policies. These policies will only provide cover for tangible assets and nothing beyond this.
This is where Cyber Insurance is designed to assist companies. The new privacy laws have driven growth in demand for this product and made it even more relevant. Cyber Insurance protects companies from exposure to cyber crime and, whilst all Cyber Insurance policies differ, most will cover multiple third-party cyber exposure claims arising from network outages, the spread of viruses or malicious code, and computer theft and extortion. They should also cover first-party losses including public relations costs, recovery of lost data, business interruption costs and legal fees, client notification expenses, regulatory fines and IT forensic investigation fees.
Disclaimer – “This material contains general information only and may not suit your particular circumstances. To decide if a policy is right for you please carefully read the relevant Product Disclosure Statement (PDS) and/or Policy wording. While we have exercised due care and skill in preparing this information, Optimum Insurance Services (Optimum) does not accept any legal responsibility or liability for negligence or otherwise to you or anyone else who seeks to rely on this information. This includes, without limitation, loss arising from a possible failure of the information to comply with statutory or regulatory requirements or the failure of the information to identify other terms and conditions beyond those considered in this document. You should obtain advice to ensure that your policy provides adequate cover for your circumstances.
Optimum Insurance Services Pty Ltd is a Corporate Authorised Representative of Insurance Advisernet Australia Pty Ltd (Car No. 291220), Australian Financial Services Licence No 240549, ABN 15 003 886 687.”