New Zealand has just passed a law making data breaches notifiable. This update to our Privacy Laws has a profound impact on New Zealand small business as your responsibility to keep your customers data safe has just increased significantly.
You can read about your responsibilities in more depth here:
Privacy Commissioner Data Breach Responsibilities
This means that you must take extra precautions to ensure a data breach of your customer and employee data is kept safe.
Small businesses (ie your business) in general are not taking data security seriously, and the New Zealand government has just given us all a wake up call.
Many, many of us have been the victim of a phishing or ransomware attack. As from the 1st December 2020, these breaches will need to be reported to the government, under the newly updated Privacy Act.
I don't collect that kind of data!
No small business wants to be in a position where you are declaring a data breach to the privacy commissioner, so how do you avoid it? Do you even collect information that would warrant protection? If you collect customer information in any way on your computer, such as names, addresses, phone numbers, email addresses etc (spoiler, you do), then this act is directed exactly at you.
My data is already safe!
Most small businesses are already under the impression that their data is safe already. "My IT guy has it sorted" is a common misunderstanding between business and IT provider.
IF YOU ARE NOT PAYING YOUR IT PROVIDER FOR SECURITY SERVICES (Go check your contract) THEN YOU ARE NOT PROTECTED.
Data security is a complicated task. Unless your contract (do you even have a contract?) specifies security services, then YOU ARE NOT PROTECTED.
Are you sure we are not protected?
If you can answer YES to ALL these questions, then you are on the right track. If not, then you have some serious work to do:
Looks like I might not be compliant...
If you have answered NO to any of these questions above, then you need to act now. Business data security is now a major threat to your business.
As always, we can help you resolve these challenges. Email us at email@example.com or call us on 0800 471 8232.