Data has become the central and most fundamental intangible asset of many companies. Management, protection and compliance parameters for this new asset class is a central strategic issue for boards and executives.
Reliance on data without proper appreciation of stakeholder expectations, compliance requirements and cyber security risks, particularly where such data concerns personal information, can equally turn the same data into a liability. Mismanagement of data can have far reaching consequences not limited to loss of revenue, fines, brand damage and personal liability; ultimately putting a business at a competitive disadvantage to those businesses that can get it right. Using data properly is therefore essential to the governance and performance of any business.
Risk management in data driven business models requires a multi-jurisdictional approach to data protection issues and an underlying understanding of the associated technology and legal risks. Using data properly requires active steps to ensure data is collected, used, disclosed, stored and otherwise managed in a way which is consistent with data protection and privacy laws in Australia.
In this guide to Australian data protection and privacy, we cover:
- What laws regulate personal information in Australia
- What is personal information?
- Who has to comply with the privacy act?
- Other national and state laws
- What is a mandatory data breach?
- How to get compliance right under the Privacy Act