It’s been close to twelve months since The GDPR legalisation was introduced in Europe – so what?

We all need to acknowledge that there is rising concern over privacy and exchange of personal data. As far as the GDPR (General Data Protection Regulation) goes, it’s aims were always to protect individuals’ rights to privacy and enhance data protection. It’s now close to twelve months since GDPR was introduced – and businesses seem to have adjusted reasonably well.

But this is European legislation, why would it impact me when I’m just doing business in New Zealand?

In most cases businesses will not be exposed to the impacts of GDPR legislation, however the cross-border scope of the GDPR, which is far reaching, means that some New Zealand organisations need to review their internal data processing procedures, or risk hefty fines for non-compliance.

The NZ Law Society have a well-considered view on potential impacts for New Zealand businesses and so it’s worth having a look at the GDPR related resources available on line.

At Cumulo9 we help organisations understand the impacts of the legislation, like New Zealand’s own 1993 Privacy Act. But that was written 26 years ago when the internet, social media and even email was just beginning to evolve. It is for that reason that new privacy legislation is about to be introduced in New Zealand.

Core elements of the 2019 Privacy Bill are the same as the Act it is designed to replace. It retains the twelve information privacy principles, which protect people’s privacy by governing the collection, storage, and use of personal information, while also providing for the legitimate use of information by the government, businesses, and other organisations. These information privacy principles are updated in the Bill, to better protect personal information sent overseas.

In New Zealand, we are taking a more measured and conciliatory approach with our new legislation. So, we are not seeing the headlines in the daily press, or the same fear by big business, that they might transgress in some way and end up in the headlines, or in front of the Courts. But one thing is certain, this is a journey and not a destination as new channels will evolve, and more information will be collected. There will always be a fine balance in the way that business targets consumers, with offers and services that are both timely and relevant to them.

Are you interested in finding out more about the potential impacts of this legislation or how GDPR may impact your business? Drop the team at Cumulo9 a line here.