We live in a world of cyber security threats: hackers breaching organisational firewalls, Wikileaks publishing private state documents, and employers tracking cyber activity for productivity sakes. Privacy, in relation to digital data, is a hazy topic.
The internet alone is increasingly being used as a medium to collect information for consumer profiling. According to Nielsen's 2013 Australian Online Consumer report, 17.2 million Australians accessed the internet in the month of July and spent an average of 38 hours online across 60 sessions.
As more and more Australians surf the internet, check their mail, shop online, apply for jobs, or simply socialise with friends, they are leaving a trail of digital data that for some people is a gold mine. This includes email services like Gmail, file storage services like Dropbox, photo galleries like Flickr, and the list goes on. And this is not just on PC's: laptops, smart phones, tablets, and televisions with internet capability all leave a cyber-trail.
When March 2014 hits, easy access to digital data will no longer be the case. Australia is about to get tougher on its privacy laws: effective March 2014, the 2012 Privacy Amendment Act will require that all Australian organisations, regardless of size and industry, implement open and transparent policies for managing personal data. This may seem simple, but it opens a crevasse of questions: how did you obtain this person's contact details? Were you transparent in your original address? How are you storing these details? What is the purpose of collecting personal details? Are you sharing them amongst your organisation or more broadly?
These questions relate not only to your employees, but to everyone your organisation interacts with: stakeholders, customers, past employees, marketing databases....and the list goes on.
With the clock ticking, there is less than a year remaining until privacy is changed forever. Yet the implication of privacy is rarely discussed. The question is: are businesses prepared? The answer is, more likely than not, no. If personal data is not adequately handled, organisations may be liable and can be imposed with fines of up to $1.7 million for an organisation and $ 370,000 for an individual.
As the generation of digital data continues to grow exponentially, it provides challenges for corporates to correctly manage, store and secure it. The pressure is on and the onus is on all companies to evaluate:
- Who ''owns'' the privacy realm within their organisation?
- And if they have the necessary approvals to use third party data?
Achieving data privacy is a challenge for all organisations and the amount of work that needs to be done should not be underestimated. There is no time like the present to consider how to manage risk involved- what is lacking, what policies need to be put in place, and what needs to change.
Sign up for CIO Asia eNewsletters.