Skip to main content

Auckland 09 282 3240

Wellington 0800 237 747

Privacy Act 2020 - Greater Risks for New Zealand Business

The Privacy Act 2020 comes in force in New Zealand on 1 December 2020 and it brings some significant changes for most businesses in New Zealand

The main points to note:

  • Mandatory notifications of privacy breaches – both to the affected parties and to the Privacy Commissioner;
  • The Privacy Commissioner has the power to issue non-compliance penalties of up to NZ$10,000. It will be interesting to see if these rise in time. In comparison, the equivalent legislation in Australia has penalties of AUD$2.1m (although last year the Australian Government announced its intention to increase these) and in the EU, the GDPR fines reach the greater of €20m or 4% of the global annual revenue;
  • If sharing information overseas New Zealand organisations must ensure that those in receipt can implement similar levels of privacy protection to those in New Zealand;
  • The Act also applies to organisations without a physical presence in New Zealand who collect, process or store personal information of New Zealanders.

Please click here to learn more about the changes provided by the international law firm Wotton + Kearney.

Please talk to your aibGROUP Insurance Broker about Cyber Risk. Cyber policies is one means to mitgate the costs associated from a notification of privacy breaches. 

Overseas, mandatory reporting led to increased numbers of reported security breaches. Dependent on the amount of personal records held, and the scale of the data breach, the costs to notify can be significant.

Source: Vero Liability


Canterbury Flood - Claim Information

Have you been affected by the flooding and heavy rain in Canterbury? Our Claims team are standing by to help you get back on your feet as soon as…

Covid-19 Information

Information to help clients

Covid-19 update

aibGROUP updates Business Continuity Plans