Privacy reforms: first step in a long road

In our era of constant digital connectivity, the risk of data breaches and personal information becoming public has been a growing concern. Every interaction we have is tied to our identity, and if that data is compromised it can have far-reaching, negative impacts in both our digital and physical lives.

Data breaches are top of mind for many right now, with the recent discovery of the government’s massive data breach whereby the private information of almost 10,000 people in immigration detention in Australia was published on the Department of Immigration website. The Office of the Australian Information Commissioner is investigating the incident, and many are speculating that they will in fact be found in breach of the privacy principles.

At the end of the day, its critical for businesses and government agencies to better protect their user data, and the fact that breaches will now be enforced is a crucial step towards improving the way we, as a country, manage information.

The damage done

The new Australian Privacy Principles (APP) significantly improve how businesses and federal government agencies collect, store and manage individuals’ personal information. However, the damage has been done, as citizens of all walks of life have become wary of how companies are using their personal information once its been collected.

The 13 principles are much more detailed than the previous Information Privacy Principles that were in place, and is a crucial step forward for Australia, in order to manage the way our government agencies and businesses protect sensitive information from being breached or disclosed.

Australian companies or agenices that fail to strengthen the way they collect, disclose and secure personally identifiable information risk incurring penalties and fines of up to $1.7 million, and regulators now have broader powers than ever before so they can impose enforceable actions against non-compliant organisations.

Many businesses will need to completely revamp the way they manage their user databases, which is no small feat. However, to not comply will lead to fines, as well as negatively impact the public perception of the brand, all of which can severely harm the bottom line of any business.

This update to the law is a complete overhaul of how the government perceives user information, and the way that data is protected. Businesses need to act accordingly, and ensure that they are completely in line with the APP.

Organisations across numerous sectors collect personal information, including: government agencies, finance or healthcare organisations, online retailers, and utilities. All of these now need to ensure that the way they collect, share and store their users personal information is done so in a secure manner.

The solutions they use for their data management needs to have stringent encryption, have access protocols that ensure only authorised users can open secure content, and maintain the integrity of users personally identifiable information.

Solutions that provide these levels of security control and functionality exist on the market today, but many businesses haven’t yet had the impetus to implement these kinds of tools. However, they need to start immediately, because not only do companies need better security solutions, they need to train their employees on the proper ways to use these tools for data collection, sharing, collaboration and storage.

A step in the right direction

Data leaks are a growing problem for businesses of all sizes, and often leaks occur because employees are unaware that the way they manage files is unsecure. Employees need to be trained on how to securely manage sensitive data, and then receive regular updates as new policies or solutions are put in place.

The Australian government’s move to strengthen these nationwide security policies, and ensure the privacy of its citizen’s personally identifiable information should be welcomed. It’s certainly a step in the right direction and sets the foundation for what lies ahead.

As time goes on, and technology advances, more data will be shared or stored digitally and the privacy and security of sensitive information will only become more critical.

Kieran O'Shaughnessy is managing director Asia Pacific at Accellion