Changes to the Privacy Act

The Privacy Act 2020 aims to keep people’s personal information safe and secure to reflect changes in technology and the ways business is done online and offline, therefore it’s important to understand the changes to the Privacy Act that came into force on 1st December 2020.

From 1 December 2020 anyone who collects, uses and stores personal information about employees and/or customers must follow new and existing rules in the Privacy Act.

This applies to all business types, including sole traders and freelancers/contractors.

Common examples of personal information collected by businesses include:

  • names
  • contact details
  • employment records
  • photos of workers or customers used for marketing purposes such as flyers or social media posts

Changes to the Privacy Act mean that businesses must:

  • not destroy personal information if someone asks for information held about them
  • report serious privacy breaches
  • check personal information shared with overseas companies have similar protection to New Zealand

So it’s a good idea to appoint a privacy officer who will take the lead on privacy matters.

This could be you, an office manager, or another trusted worker.

The Privacy Officers role involves:

  • a general understanding of how the Privacy Act relates to your business
  • checking personal information is collected responsibly and stored safely
  • making sure any issues or requests for personal information are handled promptly
  • handling privacy complaints made to your business, including working with the Office of the Privacy Commissioner (OPC) on any escalated complaints

If you have any queries please don’t hesitate to get in touch.