SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Data Protection
#
Data Privacy
#
Cybersecurity

Why safeguarding children’s data is essential in the digital age

Today
By Alyssa Blackburn, Global Program Manager - Information Management, AvePoint

Since the introduction of the Privacy Act in 1988, technology has changed the privacy landscape beyond any lawmaker's wildest imagination. The recent updates to the Act acknowledge the impact of technology on children's privacy, with a key focus on the establishment of a Children's Online Privacy Code to improve the protection of children online and help bring Australia in line with other jurisdictions. 

A lot of people know that in addition to being an information management professional, I also have three (very awesome) children so I understand the incredibly important role organisations play in protecting our children's privacy in all areas of their lives. Whilst most organisations are adept at protecting data belonging to consenting adults, handling data relating to children comes with a whole host of new challenges that - as the new Privacy Act recognises - are often overlooked. 

Applying child privacy regulation to meet unique environments 

All three of my children participate in competitive sports and recreational activities. Our children's privacy isn't something we often connect with playing in the local cricket team or entering a gymnastics competition, but it should be. These organisations hold plenty of personally identifiable data like names, addresses, dates of birth as well as sensitive medical and health records that could easily be exploited without the right protections in place. 

I recently spoke with Karen Weaver, Founder of the Australasian Gymnastics and Dance Academy, about how the organisation ensures they are safeguarding the data of children and minors. Karen told me that since she started the Academy 25 years ago, their privacy policies have had to evolve with new technology, particularly when it comes to social media. 

"It's important for business leaders to understand the different regulations that apply in different jurisdictions and from sport to sport. For our industry, especially gymnastics, we are very fortunate here that our national body, Gymnastics Australia, takes privacy very seriously. We also have the Australian Sports Commission which has a lot of guidelines and protocols we must follow and uphold."

From sporting organisations to child care centres and other educational institutions, business leaders need to understand the regulations and then interpret them in a way that best suits their environment and organisation. For example, at Australasian Gymnastics and Dance Academy, 80% of their coaching staff are also under 18, adding another layer of complexity to protecting the minors in their care. This is not dissimilar to the child/after-school care workforce, many of whom may also be under 18. 

Steps towards improving data privacy for children 

It's imperative to understand your organisation's unique privacy requirements, and when you've done that, it's time to put in place the right tools to ensure you mitigate the specific privacy risks you're facing.

The Australasian Gymnastics and Dance Academy tackles privacy challenges with a mix of people, processes, and technology. This includes strict, role-based access controls to ensure only authorised personnel can view and modify certain information, data encryption - not only in transit but also in rest, using secure protocols when transmitting data over networks, and retaining only the minimum amount of information to avoid storing unnecessary personal data. In our discussion, Karen also stressed the importance of regularly reviewing data and deleting what you no longer need. 

From a people perspective, the Australasian Gymnastics and Dance Academy conducts regular training sessions for all of their employees where they cover privacy laws, data protection principles and organisation policies. All policies and data collection guidelines are accessible to employees at all times. 

It's important that organisations storing children's data understand that no matter how small they may be,  data governance needs to be a critical part of their operational strategy. 

We know Australian parents are concerned about their children's data privacy. A 2023 survey found 85% of parents believe children must be empowered to use the internet and online services, but their data privacy must be protected. Whilst we often think this mostly applies to navigating their own social media accounts, any organisation storing children's data interactions understands their responsibility to keep our children safe. 

Whether you're a local community sports association or an education provider, taking privacy seriously is paramount to protecting the children you serve. 

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
PMT Security unveils new division for data centre solutions
Macquarie Government expands partnership with Netskope
Nozomi uncovers critical flaws in Advantech networks gear
Aus3C unveils data framework to boost Aussie cyber defences
Cybersecurity expert predicts AI & fraud threats for 2025
Top stories
AI in enterprise shifts focus to practical applications
Balancing AI advances with cybersecurity risks & caution
AI's dual role in future cybersecurity: threat & ally
Exclusive: How Aus3C is strengthening data security through new framework initiative
Five Eyes endorse Semperis’ Purple Knight for cyber defence