No doubt you've been inundated in recent weeks with a bunch of "We're updating our privacy policy" emails, from every website you've ever signed up to (and many you may have forgotten about). This is due to the introduction of a new set of data privacy laws which formally took effect in Europe on 25 May 2018 - the General Data Protection Regulation (GDPR).
The GDPR has been introduced across Europe to counter some of the more insidious data collection and online surveillance techniques out there today. At a very basic level, the GDPR applies if you collect the personal data of any EU citizen. It includes a bunch of onerous provisions, and has severe penalties for breaches.
In Australia, privacy policy and the handling of customer data are regulated by the Australian Privacy Act 1988, which includes 13 Australian Privacy Principles (APPs). The good news for Australians is that the GDPR and the Australian Privacy Act are compatible, in that both promote transparency and accountability in information handling, and both require businesses to notify of any privacy breaches. However, there are several differences: the GDPR contains some rights which do not currently have an equivalent under the Privacy Act.
Just because a website may be accessible to the EU does not necessarily mean it will be forced to comply with the GDPR. And at this point the legislation is active, but untested in a court of law. The important questions for you to consider right now are:
If your answer is YES to any of these, then your business is subject to the GDPR and, depending on the type of business you conduct, you may need to make changes to:
If your answer is NO, then keep reading!
The Privacy Act includes 13 Australian Privacy Principles. This link provides a quick reference outline of all 13 APPs. These APPs outline how certain organisations must handle, use and manage personal information.
The Australian Privacy Act does not apply to all organisations, and each organisation must decide how the APPs apply to it. So make sure you do some research to see whether your organisation is included or not.
Consider this - due to the requirements of the GDPR, and the number of people in the world it applies to, there is now increased focus on data privacy, collection and management. With that in mind, it may be reasonable to assume:
- There will be changes in the way things are done going forward.
- It's not difficult to envisage a time when, above and beyond the legal requirements, businesses that demonstrate a commitment to data privacy may be preferred over those that don't.
If you need assistance with determining your requirements or implementing new privacy policies or processes, please contact us.