Legislation Across the World
At 59 Degrees North we take pride in ensuring that our clients are in line with the legal requirements in their region. Part of these requirements is ensuring the organization understands their requirements for reporting and important information related to privacy and security of information.
New Zealand Privacy Laws
-
Authority: Office of the Privacy Commissioner (OPC).
Who must Comply: All public and private sector organizations handling personal information.
Definition: Personal Information - Information about an identifiable individual.
When to Notify: When a breach has caused, or is likely to cause, serious harm to anyone.
Serious harm may include:
Physical harm or intimidation
Financial fraud
Family violence
Psychological or emotional harm
Who to Notify:
Privacy Commissioner - notification to be expected within 72 hours of the organization becoming aware.
Individuals affected - directly, or via public notice if cannot be contacted.
We have provided a linked reporting tool of the OPC that can be used to assess or submit a breach.
Financial institutions have further reporting requirements to the Reserve Bank of New Zealand (RBNZ).