Privacy specialists have been waiting with bated breath for the Privacy Bill to continue its progression through Parliament, following the Bill's second reading in August 2019. At that stage the commencement date of the Bill was set for 1 March 2020, which has since passed without fanfare.
Justice Minister Andrew Little yesterday tabled a supplementary order paper that amended the commencement date to 1 November 2020.
It is essential that businesses understand their obligations under the new Privacy Act. In particular, by November, businesses will need to have policies and practices in place to comply with new obligations for mandatory reporting of privacy breaches that may cause serious harm. Bell Gully will be publishing a Guide to Mandatory Data Breach Notification once the Privacy Bill has its third and final reading.
The Privacy Bill is due to be debated before the Committee of the Whole House. Once this occurs, it will move on to its third reading and Royal Assent.
Business leaders are currently making a number of key decisions around their response to COVID-19. While it's important these decisions are implemented promptly, privacy should continue to be a priority. Business leaders and in-house teams should also be aware of the global increase in reports of COVID-19 related phishing and other cyber criminal activity, particularly with the increase of employees working from home. CERT is closely monitoring these incidents and providing guidance.
In our article 'COVID-19: 5 key legal issues on your agenda', we discuss several privacy issues for businesses to be aware of. More updates on privacy issues will follow in due course.
If you have any questions about the matters raised in this article, please get in touch with the authors or your usual Bell Gully adviser.
This publication is necessarily brief and general in nature. You should seek professional advice before taking any action in relation to the matters dealt with in this publication.