Changes to the Australian Privacy Act commenced this month, so take a moment to understand them, and consider what it means for your business.
With the changes focusing on cross-border disclosure businesses that engage with other businesses overseas are significantly impacted. This is why if you are outsourcing it’s important to have an outsourcing company that understands these amendments. With increased penalties of up to $340,000 for individuals and $1,700,000 for corporations you need to be serious about your data. You need to undertake necessary measures to protect your business.
Consider the four ways below.
1. Review the new privacy laws
It’s important to understand your laws first and to have regular reviews in place to make sure you don’t miss anything. You can use the Australian Privacy Principles or the APP as your guide. The APP outlines the requirements that are mandatory (the musts), the reasonable business practice (the shoulds) and the best practice (the coulds). Make sure that your outsourced companies and individuals overseas are also aware and compliant with these new laws.
2. Ask your BPO how customer data is obtained, handled, stored and transferred
These new laws will make it more difficult for businesses to collect information about consumers without their knowledge. The new system of privacy principles will significantly affect how your business collects and handles personal information. One requirement is all personal information collected must be directly related to the business purpose at hand, with all personal information up-to-date, accurate, relevant and not misleading. Entities must collect information only by lawful and fair means. The new laws take the current laws further. Under the new law, your BPO is seen as an extension of your business. If you transfer data to an overseas BPO, a privacy breach by the overseas recipient can be deemed to be a breach by your business. This gives rise to liability for your business under Australian Law. Not only will this require you to scrutinise the consent provisions of your privacy policies, you also should carefully consider contracts with your outsourced IT service providers and cloud computing services.
3. Implement safeguards in internal processes and procedures
To ensure your company is compliant with the new legislation, data management will need to be reviewed. Make sure that data sets are kept separate. In terms of data storage, you need to ensure that you have water tight agreements in place with your BPO and other external companies. This ensures no chance of privacy breaches.
4. Choose the right BPO
Don’t wait until you are under investigation. Choose the right BPO upfront, and choose a BPO that understands the new privacy laws entirely. Let your outsourcing partner take care of your business while you focus on what you do best.
By optimising data, your business will not only be taking crucial steps towards complying with the privacy laws, but also improve revenue, results and customer engagement.
To learn more about privacy and security protection when outsourcing, check out this blog.