There has been a series of videos and updates released about the changes. This is great because if you are like me, I prefer videos and podcasts to make the most of my travel time.
Below we have summarised the key changes so you know the scope of the changes. In the next update we will let you know what are the actions you should be taking so you comply and are not inadvertently breaching employees privacy.
The nuts and bolts of the changes are:
- accommodating for the digital landscape and our personal digital information.
- your obligations if there is a breach or information is lost. This includes notifying those concerned and the privacy commission what has happened
- the introduction of a new privacy principle relating to businesses who send information overseas.
- greater obligations on overseas companies doing business in NZ and what they do with our information. It is an attempt to level the playing field irrespective of where they are located.
- greater penalties and the privacy commissioner has extended powers that we would liken to a labour inspector – they can issue compliance notices and access direction orders
- new offenses have been introduced relating to the misleading of agencies on why you need personal information
- only getting information that uniquely identify people for a lawful purpose
- collection of information from young people
Take a look at this video produced by the Privacy Commissioner.