Do Not Call Register essentials
The Do Not Call Register is expected to commence on 31 May 2007. It will be administered by ACMA.
The package of laws, regulations and standards consists of:
- the Do Not Call Register Act 2006 (Cth);
- the Do Not Call Register Regulations 2006 (Cth);
- the Do Not Call (Consequential Amendments) Act 2006 (Cth);
- Telecommunications (Do Not Call Register) (Telemarketing and Research Calls) Industry Standard 2007.
April 12, 2007 in Compliance toolkit, Financial services, Privacy, Trade Practices | Permalink | Comments (0) | TrackBack
Privacy Act updated
ComLaw has issued an updated consolidated Privacy Act 1988 up to 13 December 2006.
The publication includes:
- a new Part VIA inserted by the Privacy Legislation Amendment (Emergencies and Disasters) Act that applies to the handling of personal information during a declared emergency or disaster situation; and
- amendments inserted by the Anti-Money Laundering And Counter-Terrorism Financing (Transitional Provisions And Consequential Amendments) Act 2006.
December 26, 2006 in Compliance toolkit, Privacy | Permalink | Comments (0) | TrackBack
Canadian Bank misdirects confidential faxes
From Canada is the latest story (via Rob Hyndman) on breaches of customer privacy by a business.
The Office of the Privacy Commissioner of Canada has issued a report on the CIBC Bank 's misdirection of faxes between 2001 and 2004 to 2 businessses and the failure of the Bank to stop the misdirection after being notified.
The Privacy Commissioner commented that:
It was clear that the bank's privacy practices failed at the most basic organizational level. As a result, customer personal information — and trust — was breached. The fact that the misdirected faxing occurred over a number of years, that the attempts to stop the problems were ineffective, and that the bank did not appropriately recover customer personal information were deeply disturbing to the Office.
Most particularly egregious was the fact that the CIBC employees involved in responding to the incidents never fully recognized that misdirected faxes were a privacy issue. We were disappointed that an apparently well-organized institution such as the CIBC had a privacy policy with such holes in it that these incidents were not fully recognized as privacy breaches and that the bank's privacy officials were not informed of the matter.
April 19, 2005 in Privacy | Permalink | Comments (0) | TrackBack
Privacy: start with physical security
A San Jose medical practice reports that 2 of its PC's have been stolen. They contain personal details of 185,000 patients. It is not clear whether the PC's were password protected or what measures were taken to keep the information confidential. (via beSpacific)
April 14, 2005 in Privacy | Permalink | Comments (0) | TrackBack
How do you respond to discovery of a fraud and privacy breach?
Choicepoint's response to its recent discovery of a fraud by which customers of its database service service stole the identities of up to 145,000 persons listed on the database seemed to have been well considered and open.
It caused a renewed privacy debate and the share price dropped but the response itself was not criticised.
However, now comes news (via Byrne's Marketview) that top executives started selling shares before the fraud became public!
March 1, 2005 in Compliance toolkit, Fraud, Privacy | Permalink | Comments (0) | TrackBack
Subscribe in a reader
