Ask yourself: is it worthwhile hiring a policy officer to ensure that a breach does not occur?
But this is just the beginning. Let's throw a spanner in the works.
Consider all of these advances in the context of data stored in cloud. The list of considerations and concerns gets infinitely bigger. There are different approaches to how privacy is interpreted when it comes to data stored in the cloud space. The following is a general starting point, but not specific advice, as individual circumstances vary and need to be looked at in more detail.
- The Infrastructure as a Service (IaaS) model, where the service provider is responsible for housing customer information and is not involved in any handling or processing of personal information. In this case all obligations to privacy are held with the customer.
- Software as a Service (SaaS) model, where the service provider is responsible and plays an active role in handling and managing customer's personal information. In such cases, the service provider needs to obtain consent from the customer to hold and or use this information.
- Platform as a Service (PaaS) model, where the service provider delivers tools to enable customers to deploy applications. The service delivery model means that customers need to use best practices and privacy-friendly tools.
Privacy remains a critical component for Australians doing business or simply engaging online. We are entering a challenging new era as tougher privacy laws come into effect. While some Australian companies have already initiated the ground work, others have simply turned a blind eye.
Business owners who want to mitigate risks without sacrificing their ability to do business need to start addressing where they currently stand in relation to digital privacy. Assessing the business structure now will identify strengths and weaknesses, and set the wheels in motion for the new privacy approach.
Sign up for CIO Asia eNewsletters.