New Zealand’s current Privacy Law is 27 years old. Its due for a refresh and will change from 1 December this year. Find out about some the changes that are coming in, what 2Shakes is doing and what you should be aware of.
You can find resources on the Privacy Commissioners website about the changes to the legislation. Some key changes:
- Privacy commissioner now has ‘teeth’ to deal with privacy breeches
- Individuals can ask to view their own records
- There are constraints around the disclosure of information overseas
- If you use numbers or codes to represent people there are restraints over using these unique IDs with other organisations.
- We add further explanation of the use of information for AML/CFT CDD checks and fraud detection.
- We specify where information may be sent to others who may operate cloud software services located overseas.
- We link to the privacy policies of cloud software services providers we integrate with.
To maximise security and privacy 2Shakes has always operated from Microsoft Azure cloud services from data centres located in Australia. The providers of our identity verification integrated cloud services are Centrix (located in New Zealand) and OCRLabs (in Australia). NZ privacy law is similar in nature to Australian Privacy requirements. So this provides real confidence that this identity information is held in countries with privacy laws that provide safeguards in line with the New Zealand Privacy Act.
- Business.govt.nz provide tips on what customer and employee information you should be keeping and ways to protect personal data
- Digital.govt.nz has guidance information on privacy and and key privacy concepts
If you have any concerns or questions about how 2Shakes handles Privacy please email our privacy officer firstname.lastname@example.org and we will be pleased to help.