The handling of personal information is about to get tighter and more complex in Australia with the Privacy Amendment Bill 2012 becoming law from March 12th. Australian organisations now have to operate under new rules, controlling the way they use ‘personal’ information about individuals, particularly as the trend towards cloud adoption and the use of personal devices to share information and documents in the workplace continues.
“The handling of personal information has reached a tipping point for Australian companies as the use of personal devices in the workplace multiplies exponentially. As a result, we’re seeing a shift towards cloud services that enable mobility for their users yet provide the level of security businesses require. C-level executives need to make sure they have the right tools in place to handle all personal information correctly, or they risk being fined for misconduct,” said Laureen Smith, vice president – Asia Pacific, Workshare.
The definition of personal information itself is changing and becoming much broader, encapsulating many new data types that weren’t previously considered ‘personal’. Much of this is thanks to advances in technology that makes it possible to generate and capture data not feasible when the previous legislation was introduced back in 1988.
The new law applies to any companies with revenues over $3 million that collect information (such as names, contact details, payment information or other details related to a specific person) for any purpose.
From March 12th, Australian organisations need to be more transparent and responsive about how they are handling customer data. If data is stored in the cloud, there are some new requirements that will apply, particularly if it is held offshore.
“This is not to be taken lightly, because failure to comply with the new laws means organisations can be hit with fines of up to $1.7 million, which will have a serious impact on their bottom line as well as reputation. Technology will play a major role in helping Australian organisations comply with the new privacy legislation, by providing them with the control they need to ensure that as a company they are handling personal information correctly and complying at all times,” continued Laureen Smith.
Workshare believes that organisations need to introduce strict security measures by implementing secure cloud applications that enable them to gain complete control and visibility over corporate documents and personal data. In particular, organisations need to ensure that they know where their information is stored and what country it is in so that they can be completely transparent with their customers and can remain compliant at all times.