So I thought I'd just tell you about one or two things you may not be aware of, but you should just store in the back of your mind.
The first thing was that the legislation has 13 Principles around how you gather and deal with personal information. I'm not going to go into all the details, rather I'll leave the link to these principles below.
But the main area I wanted to draw to your attention was the obligation to disclose if there has been a breach of personal information, and if that breach is going to cause serious harm. Again, I'll leave a link below for a description of those things.
Now, serious harm isn't actually defined. But on the Privacy Commissioner's website there is a 'Notify Us' tool, and you can work your way through the different scenarios as to what's happened, and that will tell you if you need to report the breach, or not.
Failure to report a breach can result in a fine of up to $10,000. So, if you do have a Privacy Policy as part of your governance policies, it might be time to look at that and just have a look through and see if it needs modifying. More importantly, it's really just a case of being aware of what your obligations are.
That's all for now, ka kite, Hutch.
For more tips for business owners and managers, give me a call on 021 748 142 or flick me an email to john@planaconsulting.co.nz