Review your content’s performance and reach.
Become your target audience’s go-to resource for today’s hottest topics.
Understand your clients’ strategies and the most pressing issues they are facing.
Keep a step ahead of your key competitors and benchmark against them.
add to folder:
Questions? Please contact [email protected]
From 1 December 2020, New Zealand’s mandatory data breach notification laws take effect. If your organisation carries on business or is based in New Zealand, and you experience a data breach, you may be required to notify the regulator and affected individuals. If you don’t comply, you may face fines or other regulator action.
This is a brief snapshot of how you determine if you need to notify.
KEY TERMS
What is a ‘privacy breach’?
A privacy breach (commonly called a ‘data breach’) is the unauthorised or accidental access to, or disclosure, alteration, loss or destruction of personal information held by an ‘agency’ – any organisation or business, whether in the public sector or private sector. This includes government departments, companies and businesses, social clubs and other types of organisations.
A privacy breach also occurs when any action prevents a person from accessing their personal information that is held by an agency – for example, ransomware or denial of service attacks – s112 Privacy Act 2020.
What is ‘personal information’?
Personal information is “information about an identifiable individual” – s7 Privacy Act 2020.
The information does not need to name someone specifically to be personal, if they are identifiable in other ways, for example, through their home address.
How to assess ‘likely risk of serious harm’?
When assessing the likelihood and severity of the privacy breach, you must consider:
(s113 Privacy Act 2020)
add to folder:
If you would like to learn how Lexology can drive your content marketing strategy forward, please email [email protected].
© Copyright 2006 – 2022 Law Business Research