Senate shj
  • Story
  • People
  • Expertise
  • Perspectives
  • Contact us
  • Work with us
  • AU
  • NZ
Senate shj
  • Story
  • People
  • Expertise
  • Perspectives
  • Work with us
  • Contact us

Are you ready for the new Privacy Act?

Perspectives
SenateSHJ > Perspectives » Are you ready for the new Privacy Act?

New Zealand’s new Privacy Act 2020 comes into effect on 1 December 2020. It has the potential to catch many organisations off guard. 

The new Act requires organisations to notify the Privacy Commissioner and any affected individuals as soon as possible after becoming aware of a notifiable privacy breach, for example, some form of cyber-attack, or inadvertent loss of personal information. In many regards, this brings New Zealand into line with Europeans countries under the General Data Protection Regulation (GDPR). Australia has similar legislation.

The new requirements mean organisations need to understand the benefits of communication and being ahead of the legal requirements. Meeting compliance measures may not be enough.

Recognising, and planning for, reputational risk needs to be part of your organisation’s DNA. 

Crisis management ‘101’ says communicating an issue on your terms is always better than having to respond to questions about it when it is in the public arena. You can rarely set the agenda when you are on the back foot.

Our 2020 Reputation Reality report highlighted that directors and senior managers believed that data / privacy / cyber issues was one of the top two reputational risks facing organisations in Australasia. 

There have been many high profile incidents involving data breaches, mis-use of personal information and malicious cyber-related attacks in the past year. The associated media coverage and social commentary has dominated the public narrative, and the organisations involved have had to work hard to manage the incidents.

In many of these instances, open and proactive communications wasn’t the description used when people noted the incident and organisation’s response. While Continuous Disclosure Rules govern the compliance requirements of listed companies, it is a different story for non-listed entities. The problem, of course, is the time it can take to confirm what may have happened, and how much information is deemed necessary to be made public.

The new Act’s provisions also include a new information privacy principle that focusses on the disclosure of personal information outside of New Zealand. The aim is to ensure personal information being sent offshore will be subject to comparable privacy safeguards as those that apply in New Zealand. The new Act also increases the Privacy Commissioner’s powers to publish compliance notices for privacy breaches.

All of which means preparation, internal training and supplier compliance is essential.  

This story was shared by
SenateSHJ



Find similar stories

Crisis Reputation

Share this story

Looking for a new Perspective?
Sign up to our newsletter here.
Join the conversation Follow us on Twitter AUAU Follow us on Twitter NZNZ Follow us on LinkedIn

Subscribe

* All fields are required
Loading

Thanks for subscribing!

We've sent you an email to confirm your details.

Want to change your preferences?

You're already subscribed! Please get in touch at [email protected] if you have a query.

Oops, something went wrong, please try again. Let us know at [email protected] if you have an issue

Our story

  • Awards
  • Network

People

  • SenateSHJ team
  • Australia

Expertise

  • Reputation
  • Engagement
  • Change
  • Government
  • Financial
  • Digital
  • Capability
  • ESG and Sustainability
  • Insights

Sectors

  • Corporate
  • Public sector
  • Energy
  • Health
  • Resources

Perspectives

  • Crisis Index
  • The Togetherness Index
  • Four Rooms of Change®
  • The Missed Foundation
  • All stories

SenateSHJ

  • Find us
  • Work with us
  • Privacy Policy
Senate SHJ

Senate Communications Ltd and Scaffidi Hugh-Jones Pty Ltd (ACN 126 085 952) are two separate companies trading as SenateSHJ.

© SenateSHJ 2025