NZ enhances privacy breach reporting with online tool
Under the Privacy Breach Act, which comes into effect on 1 December, it will be mandatory for organisations to notify the OPC if a privacy breach has caused, or is likely to cause, serious harm.
Serious harm is defined as the unwanted sharing, exposure or loss of access to people’s personal information. Some information is more sensitive than others and therefore more likely to cause people serious harm.
Other examples of serious harm include physical harm, intimidation, financial fraud (including unauthorised credit card transactions or credit fraud), family violence, and psychological or emotional harm.
Businesses and organisations that fail to report a notifiable privacy breach may be fined up to $10,000. Privacy Commissioner John Edwards said NotifyUs will guide organisations through the reporting process.
“We want the privacy breach pre-assessment and reporting process to be straightforward. NotifyUs has undergone extensive testing ahead of today’s launch to ensure the guidance is clear and easy to follow. I encourage people to use it in advance of the new legislation taking effect on 1 December,” said Edwards.
The OPC has also provided other resources on privacy breach reporting, including a short e-learning module and breach reporting brochure.
The ACCC is seeking feedback about Google's proposed acquisition of Fitbit, and an...
The Privacy Act 2020 is now in effect in New Zealand, with changes that will affect businesses...
Cybermerc has announced the launch of a government-funded national cyber threat sharing platform...