Archive

  Preventing data privacy breaches is becoming increasingly important, with the increasing costs of dealing with cyber attacks, IT security breaches, and the subsequent legal actions and regulatory investigations. Strong IG, including privacy governance, is the most effective way to put in place robust systems to prevent and minimise privacy breaches, as well as respond to any privacy breaches that may occur. Cyber attacks and privacy breaches There is general awareness of the increase in cyber security attacks on organisations, and the significant risks that this poses to enterprise information security, legal and regulatory obligations, as well as the significant costs and reputational issues that result. It is regularly reported that cyber attacks and data breaches are on the rise. The Identify Theft Resource Center Breach reported that US data breaches hit a record high of 783 in 2014, which was a 27.5% increase over the previous year, with over […]

    elevenM Principal Melanie Marks reflects on the need for better public engagement on the future of privacy, much as is emerging around climate change. Sitting at a symposium on children’s online privacy a little over a week ago, the footsteps of a thousand marching children ran through my head. Just streets away from the event was the Melbourne base of the national climate change rallies. In the room was an inspiring group of academics, regulators and policy makers, grappling with the future of surveillance and profiling. Both social issues, concerning the future of humanity. I pondered why the climate rally had delivered so many to the streets now, when we have known about climate change for years? And I concluded that what has changed is that we can see it now, and we are parents. We see the world through our kids’ eyes – strangely short seasons, farmers without water and […]

     For those of you who don’t work in financial services and may not know the structure associated with APRA’s publications, there are Prudential Practice Guides (PPGs) and Prudential Standards (APSs or CPSs). A PPG provides guidance on what APRA considers to be sound practice in particular areas. PPGs discuss legal requirements but are not themselves legal requirements. Simply put, this is APRA telling you what you should be doing without making it enforceable. On the other hand, APSs and CPSs are regulatory instruments and are therefore enforceable. Until now, those working within a cyber security team at an Australian financial services company had PPG 234 – Management of security risk in information and information technology (released in 1 February 2010) as their only reference point as to what APRA were expecting from them in regard to their cyber security controls. But things have moved on a fair bit since 2010. […]

Mandatory Data Breach Notification Is In– Here’s All You Need To Know There are approximately 10 months to go until your organisation will have to fess up if it experiences a serious data breach. Whilst that may sound like a long time away, the requirement to notify is only the tip of the iceberg.  It’s a reminder to all organisations covered by the Privacy Act to have adequate measures in place to protect information security and to have a privacy governance framework in place. As a privacy leader in your organisation, you should now be looking at your processes and procedures for managing data breaches and assessing your organisation’s capability to respond to them.  You should be: ✔ Briefing all relevant stakeholders on the roles that they will play ✔ Training staff on the steps expected by the regulator when responding to privacy breaches ✔ Implementing internal processes to streamline these requirements in […]

21 March 2019, Cordis Auckland New Zealand’s premier legal innovation & technology event       On 21 March 2019, over 250 delegates will be attending New Zealand’s premier legal innovation and technology event – LawFest. LawFest is designed for all legal professionals with an interest in innovation and leveraging technology. There will be the opportunity to learn, connect with innovators, establish relationships, and discover technology that matters to you and your practice.  You will hear from those that are innovating and explore opportunities to help you transform how legal services are delivered, for today and the future. The speakers will deliver practical insights of what they are doing, how they started and what comes next. LawFest continues to be the only event in New Zealand providing the opportunity to meet and see leading legal technology in the large exhibition hall, together with live legal tech demonstrations.  A programme to inspire & […]

     New Zealand’s legal innovation and technology LawFest event on 8 March attracted over 250 legal professionals from across the country. The event has come a long way since its beginnings 6 years ago. It is now the must do New Zealand legal conference of the year, as more legal professionals look to learn more about innovation and leveraging technology to help deliver legal services, both for today and the future. At a time where there is more pressure on organisations and law firms to operate more efficiently and effectively, LawFest explores the opportunities of innovation through leveraging technology. It provided the opportunity to learn about what innovation looks like, and the innovative practices others are adopting in this fast changing and disruptive area. The Highlights Keynote speaker Sir Ray Avery, described by attendees as an “inspiring and motivational start to the day”, led the line-up of over 20 speakers […]

LawFest – Innovating legal services by leveraging technology Last week over 200 people from law firms, in-house legal teams and the technology industry joined some of New Zealand’s leading legal technology thinkers at LawFest, New Zealand’s premier legal innovation and technology event, at the Langham in Auckland. LawFest is the key one day conference for legal professionals, developed as an opportunity for anyone involved in the intersection of technology and the law to develop their knowledge and immerse themselves in the latest topics and trends in this fast-changing area. The day was engaging and innovative, providing great practical advice that everyone could learn from. The programme asked questions that challenged delegates, with industry leading speakers providing insight into how to take advantage of the opportunities that technology brings. The opportunity to innovate through technology Innovation through the use of technology is becoming a game changer for providing legal services. It […]

Thought LeadershipKnowledge Management Forum The Search for Meaning: Cutting Through the Noise Welcome to the On-Line Information Governance Forum for input to The Search for Meaning, Cutting Through the Noise. The purpose of the On-Line Forum is to solicit input from the broader community of IG professionals and encourage input from people who cannot attend the workshops. The main objective being to create a foundational definition of elements and terms used when describing the practice of Information Governance from a business perspective. The approach we are taking is to tackle four Information Governance terms in separate forums. This forum will be focused on Knowledge Management. We have a discussion thread below with some sample definitions as a starting point for input and discussion, we ask you to review these and make suggestions of alternative definitions and ask for the opinions of others who are participating in the forum. New to the forum? […]

InfoGovANZ members came together on 18 July for a thought-provoking roundtable on the impacts of cloud computing adoption on information governance.  Dr Peter Chapman InfoGovANZ advisory board member chaired the roundtable which was hosted by Ferrier Hodgson.  Several significant topics were addressed and discussed including: ·         Information benefits and risks posted by cloud adoption ·         Information security and governance considerations ·         Best practice standards and governance frameworks While the value and benefits of cloud computing were well known, the general feeling from the table was that many organisations either did not fully appreciate or mitigate the security, privacy and information control risks posed by cloud computing adoption. It was noted that well-established cloud computing providers have been working towards providing improved monitoring and control tools for their clients; however organisations have been challenged by the need to implement infrastructure flexibility without losing oversight and control of their information. The table […]

  This is a round-up of the global IAPP Summit that takes place in Washington DC every year near Easter. It is a massive event, with over 3500 people moving over 4 floors plus an exhibition hall. There were more than 30 sessions (with many sessions running consecutively), plus 5 key notes. The sessions covered topics including blockchain, data scraping, GDPR compliance, data breach notification and response, Privacy Shield, Artificial Intelligence (AI), Smart Cities, Big Data, online reputation. The Summit took place against the backdrop of another turbulent week in US politics including the Stormy Daniels interview and the student 'no guns in schools' march on the Capitol, as well as the Facebook/Cambridge Analytica revelations and Mark Zuckerberg's interview acknowledging that Facebook breached its users' trust. The keynote speakers Monica Lewinsky, Simon Schama and Jon Ronson gave a fresh take on privacy from a personal, research and historical perspective respectively […]

Data Sharing and Release Bill     Response to Issues Paper We refer to the New Australian Government Data Sharing and Release Legislation Issues Paper (Issues Paper) and the associated consultation meeting which took place in Sydney on Friday 27 July 2018 (Sydney Consultation) facilitated by Dr Phillip Gould, Assistant Secretary, Office of the National Data Commissioner (NDC). This submission brings together the views of the following stakeholders: Melanie Marks, Principal, elevenM Susan Bennett, Principal Sibenco Legal & Advisory, Co-founder & Director, Information Governance ANZ Anna Johnston, Director, Salinger Privacy Professor Graham Greenleaf, Professor of Law & Information Systems, UNSW Professor Michael Adams, Professor of Corporate Law & Governance, Western Sydney University Associate Professor Thalia Anthony, Indigenous Law Centre, University of Technology Sydney Matthew Golab, Advisory Board Member Information Governance ANZ Katherine Sainty, Managing Director, Sainty Law Michael Bahari, CIPP/E, Admitted lawyer of the Supreme Court of NSW Shane Tully, […]

Thought Leadership Data Governance Forum The Search for Meaning: Cutting Through the Noise Welcome to the On-Line Information Governance Forum for input to The Search for Meaning, Cutting Through the Noise. The purpose of the On-Line Forum is to solicit input from the broader community of IG professionals and encourage input from people who cannot attend the workshops. The main objective being to create a foundational definition of elements and terms used when describing the practice of Information Governance from a business perspective. The approach we are taking is to tackle four Information Governance terms in separate forums. This forum will be focused on Data Governance. We have a discussion thread below with some sample definitions as a starting point for input and discussion, we ask you to review these and make suggestions of alternative definitions and ask for the opinions of others who are participating in the forum. New to the […]

Why implementing good data governance should be on every CIO’s radar as a way to reduce risk, ensure compliance and increase business productivity and efficiency    Businesses are literally drowning in data as employees collect, interact with and store more information across an increasing number of platforms. The sheer amount of company data residing in email and core transactional systems, as well as customer sentiments across various social media platforms is – for most organisations – getting increasingly difficult to deal with. About 2.5 quintillion bytes of information is generated worldwide each day, which means that managing information throughout its lifecycle is more important than ever. To do this well, organisations need to implement good data governance – an approach to managing corporate data by implementing process, roles, controls, and metrics that treat information as a valuable business asset. CIO Australia recently held a breakfast briefing where business leaders discussed why […]

     Twelve months on, consumers are arguably more troubled about the lack of safeguards for privacy, while businesses face the prospect of further regulation and oversight. Without a fundamental shift in how privacy is addressed, the cycle of heightened concern followed by further regulation looks set to continue. In this article, Melanie Marks Principal of elevenM and InfoGovANZ advisory board member, examines how data breaches are happening and the benefits of a more proactive and embedded approach of privacy by design. Australian businesses became subject to a mandatory data breach reporting scheme on 22 February 2018.  Angst and anticipation came with its introduction – angst for the disruption it might have on unprepared businesses and anticipation of the positive impact it would have for privacy. Twelve months on, consumers are arguably more troubled about the lack of safeguards for privacy, while businesses face the prospect of further regulation and oversight. […]

  Be-it users stepping away from the world’s biggest social media platform, a major airline’s share price plummeting after a large data breach, or Australia’s largest bank committing to a stronger focus on privacy and security – events in recent weeks provide a strong reminder of the fragility and critical importance of trust to businesses seeking success in the digital economy. Bodies as illustrious as the World Economic Forum and OECD have written at length about the pivotal role of trust as a driving factor for success today. But what does trust actually mean in the context of your organisation? And how do you practically go about building it? A good starting point for any organisation wanting to make trust a competitive differentiator is to gain a deeper understanding of what trust actually means, and specifically, what it means for it. Trust is a layered concept, and different things are […]