New Zealand’s new Privacy Act goes into force 1 December 2020. From that date, organisation’s will be required to report any data breach to the Privacy Commissioner and notify any affected persons if it is likely to cause serious harm – or face a fine of up to $10,000. This is especially important for any business that offers joint accounts or membership, because of the potential for privacy breaches in situations where one customer is separating from a joint account/membership holder who is abusing them.
Shine has heard of many such situations over the years from our clients, commonly where a customer who has left an abusive partner, has updated their contact details with their bank or insurance company and asked for those details to remain private, and then the details have been inadvertently shared with the (ex) partner, endangering the safety of that customer.
If your business offers joint accounts/membership, DVFREE can consult on updating your policy and procedures to help ensure this type of data breach is prevented from happening.
See also, the Privacy Commissioner’s new free tool for responding to data breaches .
Read the NZ Herald article.