Data audit: First step to meet new privacy changes

By | 7 June, 2017

EOFY and privacy law changes signal right time for a Data Audit – Book your Audit by June 30!

As part of the Privacy Act, you must be able to ensure the integrity of your consumer’s data and safeguard your data processes.

And new changes outlined in the Privacy Amendment (Notifiable Data Breaches) Bill 2016, passed by the Senate in February 2017, means it is now mandatory for organisations to disclose any eligible data breaches.

From February 2018, organisations will need to ensure compliance or risk hefty fines.

With the end of financial year (EOFY) approaching, now is the perfect time to allocate budget to a data audit. This will help you understand any weaknesses in your data and potential flaws in your processes.

These changes come as some companies are still getting to grips with the raft of new privacy laws introduced in 2014. Back then, the Association for Data-Driven Marketing and Advertising (ADMA) recommended a data audit as the first step towards complying with privacy changes.

This is just as important now.

Overview of data breach notification changes

The Privacy Amendment (Notifiable Data Breaches) Bill 2016 requires government agencies and businesses operating under the Privacy Act to report any serious data breach to the Australian Information Commissioner and affected individuals.

As outlined in the Bill, an eligible data breach happens if:

  • there is unauthorised access to, unauthorised disclosure of, or loss of, personal information held by an entity; and
  • the access, disclosure or loss is likely to result in serious harm to any of the individuals to whom the information relates.

An entity must give a notification if:

  • it has reasonable grounds to believe that an eligible data breach has happened; or
  • it is directed to do so by the Commissioner.

Examples of an eligible breach could relate to information that identifies a person, such as credit card data, credit records or tax file numbers.

The Australian Privacy Principles (APPs) in the Privacy Act outline how most Australian Government agencies, all private sector and not-for-profit organisations with an annual turnover of more than $3 million, all private health service providers and some small businesses (collectively called ‘APP entities’) must handle, use and manage personal information.

To help businesses understand what the new Bill means for business, the Association for Data-Driven Marketing and Advertising (ADMA) has put together a Q&A that explains the changes.

What should you do? Start with a data audit.

As CEO of the Association for Data-Driven Marketing and Advertising (ADMA) Jodie Sangster explained in an article for CMO Magazine following the 2014 changes, a data audit can help businesses get to grips with their privacy compliance.

At DCA, a data audit forms part of the core work we do for clients all over Australia. A data audit can give you a detailed look at the quality of your data and help you pinpoint any weaknesses in the way your data moves in, out and around your organisation.

Our Data Quality Audit Report will provide a summary of the condition of the data in relation to:

  • duplication
  • cleanliness
  • deliverability
  • process compliance
  • data related findings, such as displacement of data.

We take a holistic approach to our data audit process. This enables us to identify and report on the available opportunities to improve the quality of the data and provide a point from which the data condition can be benchmarked moving forward.

Start the financial year with confidence

Getting your data in order, ensuring its quality and also the integrity of your data is a great way to move into the new financial year.

As well as helping to identify risks to compliance, it will also give you the foundations to run effective data-driven marketing.

We know data-driven marketing is here to stay. That’s because organisations of all sizes are recognising that good quality data can make a positive impact on the bottom line.

In fact, the Productivity Commission has just released its final report into data availability and use. It recommended Australia create a new data framework to operate better within an increasingly “digitised economy” and to capitalise on the “extraordinary growth” of data generation and insights.

“Improved data access and use can enable new products and services that transform everyday life, drive efficiency and safety, create productivity gains and allow better decision making,” the report said.

But, along with this growth comes the need to keep the information you have about your consumers and audiences safe from potential breaches and misuse.

Find out how DCA can help you get the most out of your data while helping you to remain compliant.

Call DCA today to discuss getting a Data Audit: phone 03 9320 9000 and ask to speak to one of our Data Audit Specialists.

Share Button