SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Partnership aims to help Australian businesses with Privacy compliance
Wed, 6th Dec 2023

In a landmark collaboration aimed at bolstering Australia's cyber security and privacy compliance, de.iterate and Source are uniting to introduce an innovative solution for Australian businesses. This partnership emerges in response to recent high-profile data breaches and the Australian Government's significant overhaul of privacy laws, representing the most extensive revamp in decades.

Stanislav Roth, Managing Director of Source Legal, expressed enthusiasm about the venture, emphasising its potential impact on small to medium-sized businesses. "This is a unique product that will assist businesses in managing their personal information storage and handling practices, thereby enhancing legal compliance with the Privacy Act," Roth said. He highlighted the product's ease of use and its role in simplifying the complex landscape of the Privacy Act, which is subject to continuous legislative changes.

Andrew Lawrence, CEO of de.iterate, echoed Roth's sentiments, emphasising the product's design to meet the growing needs of Australian businesses. "The de.iterate Privacy Act is a real turn-key solution. Our collaboration with Source, a company that shares our commitment to excellence and innovation, allows us to extend our reach and help more businesses achieve compliance with ease and confidence," Lawrence stated.

The new product will be available through the de.iterate platform and promises several bespoke features, including customisable registers, a compliance calendar, in-built policies, and dynamic data mapping. These tools are designed to streamline the compliance process, making it more manageable for businesses to adhere to the Privacy Act's requirements.

Australian businesses, in order to comply with the Privacy Act, will need to implement a range of measures. These include having a clear and unambiguous Privacy Policy on their website, establishing a data access request process capable of responding within 30 days, and maintaining a register of collected and stored data. Additionally, businesses must be aware of the duration and purpose of data storage, have processes for deleting or de-identifying redundant data, and keep track of data shared with suppliers, including the location of data storage by these suppliers.